AttackFeed Cybersecurity News
– [[{“value”:”A Dutch court on Tuesday sentenced one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service to 5 years and 4 months in prison. While the name of the defendant was redacted in the verdict, it’s known that Alexey Pertsev, a 31-year-old Russian national, has been awaiting trial in the Netherlands on money laundering charges.”}]] – Read More – The Hacker News
Microsoft has released patches for three zero-day vulnerabilities including two actively exploited in the wild – Read More –
– A return to pre-April CVE volumes, mostly for Windows, though two vulns – or is it three? — are already under exploit – Read More – Sophos News
Multiple vulnerabilities have been discovered in Siemens Ruggedcom Crossbow, the most severe of which could allow for arbitrary code execution. Siemens Ruggedcom Crossbow Access Management solution designed to provide cybersecurity compliance for industrial control systems. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged-on user. Depending on the...
[[{“value”:” Multiple vulnerabilities have been discovered in Mozilla Products, the most severe of which could allow for arbitrary code execution. Mozilla Firefox is a web browser used to access the Internet. Mozilla Firefox ESR is a version of the web browser intended to be deployed in large organizations. Mozilla Thunderbird is an email client. Successful exploitation of the most severe...
[[{“value”:” Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Adobe Acrobat is a family of application software and Web services used to view, create, manipulate, print and manage Portable Document Format (PDF) files. Adobe Substance3D Painter is a 3D painting software that allows users to texture and add materials...
– The post DeRusha stepping down from ONCD, federal CISO roles appeared first on CyberScoop. – Read More – CyberScoop
– [[{“value”:” Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS and Adobe users, and for the Chrome Web browser, which just patched its own zero-day flaw. First, the...
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to...
[[{“value”:” Title: Microsoft Releases May 2024 Security Updates Content: Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisory and apply the necessary updates: Microsoft Security Update Guide for May “}]] –...
A vulnerability has been discovered in Google Chrome, which could allow for arbitrary code execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user...
– [[{“value”:” Welcome to the second Tuesday of May. As expected, Adobe and Microsoft have released their standard bunch of security patches. Take a break from your regular activities and join us as we review the details of their latest advisories. If you’d rather watch the full video recap covering the entire release, you can check out the Patch Report...
– [[{“value”:”Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sensitive information, trigger a denial-of-service (DoS) condition, and execute code under certain circumstances. The four vulnerabilities impact Workstation versions 17.x and Fusion versions 13.x, with fixes available in version 17.5.2 and”}]] – Read More – The Hacker News
– [[{“value”:” By Deeba Ahmed Android Security Alert- Hackers are disguising malware as popular apps like Instagram and Snapchat to steal your login details. Learn how to identify fake apps and protect yourself from this sneaky cyberattack. This is a post from HackRead.com Read the original post: Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data “}]] – Read...
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain – Read More –
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in 2021 – Read More –
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database (NVD) since May 9 – Read More –
The guide is designed to provide high-risk communities with actionable steps to bolster their cybersecurity defenses – Read More –
Contractors and other organizations that do business with the federal government now have clearer, more straightforward guidance for protecting sensitive data. – Read More – News and Events Feed by Topic
[[{“value”:” Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following advisories and apply necessary updates: Safari 17.5 iOS 17.5 and iPadOS 17.5 iOS 16.7.8 and iPadOS 16.7.8...
– [[{“value”:”Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-4761, is an out-of-bounds write bug impacting the V8 JavaScript and WebAssembly engine. It was reported anonymously on May 9, 2024. Out-of-bounds write bugs could be typically”}]] – Read More –...
– [[{“value”:” By Deeba Ahmed Hackers are hiding malicious messages in everyday internet traffic! Learn how DNS tunneling works and how to protect yourself from this sneaky cyberattack. Stop hackers from scanning your network and tracking your clicks. This is a post from HackRead.com Read the original post: DNS Tunneling Used for Stealthy Scans and Email Tracking “}]] – Read...
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft – Read More –
Infosecurity Europe research highlights significant challenges faced by organisations in staying up to speed with increasing compliance requirements – Read More –
GCHQ chief warns China’s cyber actions threaten global internet security, while Russia and Iran pose immediate risks – Read More –
[[{“value”:” CISA released four Industrial Control Systems (ICS) advisories on May 14, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-135-01 Rockwell Automation FactoryTalk Remote Access ICSA-24-135-02 SUBNET PowerSYSTEM Center and Substation Server ICSA-24-135-03 Johnson Controls Software House C-CURE 9000 ICSA-24-135-04 Mitsubishi Electric Multiple FA Engineering Software Products CISA encourages users and administrators...
[[{“value”:” View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.7 ATTENTION: low attack complexity Vendor: Johnson Controls Equipment: Software House C●CURE 9000 Vulnerability: Insertion of Sensitive Information into Log File 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to access credentials used for access to the application. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports that...
[[{“value”:” View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.0 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: Multiple FA Engineering Software Products Vulnerabilities: Improper Privilege Management, Uncontrolled Resource Consumption, Out-of-bounds Write, Improper Privilege Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities may allow a local attacker to cause a Windows blue screen error that results in a denial-of-service condition...
[[{“value”:” View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.0 ATTENTION: Low attack complexity Vendor: Rockwell Automation Equipment: Factory Talk Remote Access Vulnerability: Unquoted Search Path or Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to enter a malicious executable and run it as a system user, resulting in remote code execution. 3. TECHNICAL DETAILS 3.1...
[[{“value”:” View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: Subnet Solutions Inc. Equipment: PowerSYSTEM Center Vulnerabilities: Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities in components used by PowerSYSTEM Center could allow privilege escalation, denial-of-service, or arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS SUBNET Solutions reports that the...
Join the community of service providers helping to protect the UK from cyber attacks. – Read More – NCSC Feed
– [[{“value”:”The maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including two critical issues that could lead to the execution of arbitrary code. The most severe of the vulnerabilities are listed below – CVE-2024-25641 (CVSS score: 9.1) – An arbitrary file write vulnerability in the “Package Import” feature that”}]] – Read More – The...
– [[{“value”:” By Waqas Kaspersky’s Global Research and Analysis Team (GReAT) has released its latest quarterly report (Q1 2024) on the advanced persistent threat (APT) activity, highlighting several key trends in the threat and risk environment. This is a post from HackRead.com Read the original post: Kaspersky Reveals Global Rise in APTs, Hacktivism and Targeted Attacks “}]] – Read More ...
– [[{“value”:”Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation. “The incident involves a threat actor overwhelming a user’s email with junk and calling the user, offering assistance,” Rapid7 researchers Tyler McGraw, Thomas Elkins, and”}]] – Read More – The Hacker News
– Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Having some form of 2-factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying – Read More – The Hacker News
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses – Read More –
– [[{“value”:” The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Today’s threat landscape is as dangerous as it has ever been. Global unrest, emerging technologies, and economic downturn all contribute to persistently high cybercrime rates and...
– [[{“value”:” The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article. Today’s threat landscape is as dangerous as it has ever been. Global unrest, emerging technologies, and economic downturn all contribute to persistently high cybercrime rates and...
– [[{“value”:”Security agencies in the United States have issued a new warning about the Black Basta ransomware group, in the wake of a high-profile attack against the healthcare giant Ascension. The cyber attack last week forced the Ascension computer systems offline, and caused some hospital emergency departments to turn away ambulances “in order to ensure emergency cases are triaged immediately.”...
– [[{“value”:”Security agencies in the United States have issued a new warning about the Black Basta ransomware group, in the wake of a high-profile attack against the healthcare giant Ascension. The cyber attack last week forced the Ascension computer systems offline, and caused some hospital emergency departments to turn away ambulances “in order to ensure emergency cases are triaged immediately.”...
[[{“value”:” CISA, in partnership with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with recommended actions and mitigations to reduce the risk of cyber intrusions. Additionally, the guide encourages software manufactures to actively...
[[{“value”:” CISA, in partnership with the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI) and international partners, released Mitigating Cyber Threats with Limited Resources: Guidance for Civil Society. The joint guidance provides civil society organizations and individuals with recommended actions and mitigations to reduce the risk of cyber intrusions. Additionally, the guide encourages software manufactures to actively...
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group – Read More –
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities – Read More –
– I am delighted to announce that the Sophos Incident Response service has been awarded U.K.’s National Cyber Security Centre (NCSC) Cyber Incident Response (CIR) Level 2 status by CREST. This assurance confirms that amid the sophisticated cybersecurity threat landscape, Sophos has the experience and capabilities to deal with incidents caused by financially motivated criminals, such […] – Read More ...
– While 97% of organizations hit by ransomware report the attack, the level of involvement of law enforcement and/or official bodies varies considerably by country. – Read More – Sophos News
– [[{“value”:”Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. “This will help mitigate the misuse of devices designed to help keep track of belongings,” the companies said in...
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete...
– [[{“value”:” By Uzair Amir Top-notch stores are moving online as eCommerce continues to lead with breakthrough innovations that are transforming global business… This is a post from HackRead.com Read the original post: Future of eCommerce: Emerging Technologies Shaping Online Retail in 2024 “}]] – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News
– [[{“value”:” By Deeba Ahmed Encrypted email services like ProtonMail and Wire promise privacy, but can they guarantee anonymity? A recent case in Spain has users questioning the limitations of encryption when law enforcement steps in. This is a post from HackRead.com Read the original post: Police Accessed Proton Mail User Data in Terrorism Probe “}]] – Read More –...
