Category: Attack Feeds

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability – The Hacker News

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. “An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows...

CISA warns of hackers exploiting bug for end-of-life Ivanti product – Christian Vasquez

An end-of-life version of Ivanti’s cloud IT service management software has a recently released vulnerability that the Cybersecurity and Infrastructure Security Agency says is being exploited. CISA warned that organizations outfitted with Ivanti’s Cloud Service Appliance version 4.6 and below are being targeted by hackers and the bug has been added to the known exploited vulnerabilities (KEV) list....

US accuses RT, others of covert arms dealing, global influence operations – djohnson

The State Department announced a fresh round of sanctions for RT and related media companies Friday, accusing the Russian state-funded news outlet of operating a crowdfunding website that funneled weaponry and equipment to Russian soldiers fighting in Ukraine. Secretary of State Antony Blinken said the crowdfunding site was used to purchase weapons and equipment, including drones, radio equipment,...

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers – The Hacker News

Details have emerged about a now-patched security flaw impacting Apple’s Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device’s virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier CVE-2024-40865. “A novel attack that can infer eye-related biometrics from the avatar image to...

17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London – The Hacker News

British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for London (TfL). “The 17-year-old male was detained on suspicion of Computer Misuse Act offenses in relation to the attack, which was launched on TfL on 1 September,” the U.K. National Crime Agency (NCA) said. The teenager, who’s from Walsall,...

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw – The Hacker News

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released for CVE-2024-6670 (CVSS score: 9.8) by security researcher Sina Kheirkhah of the Summoning Team, who...

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft – The Hacker News

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over 80% of your corporate risk, and a solution is possible. However, most tools available on the market today cannot offer a complete defense against this attack vector because they were architected to...

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud – The Hacker News

Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims’ banking credentials. “The mechanisms include using malformed ZIP files in combination with JSONPacker,” Cleafy security researchers Michele Roviello and Alessandro Strino said. “In addition,...

The Dark Nexus Between Harm Groups and ‘The Com’ – BrianKrebs

A cyberattack that shut down two of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far...

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency – The Hacker News

Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud security firm Aqua. “When Hadooken is executed, it drops a Tsunami malware and deploys a crypto miner,” security researcher...

Cybersecurity, disinformation dominates hearing on elections – djohnson

Cybersecurity was once considered a side issue in election administration. Eight years after the Russian government waged a multi-pronged effort to interfere in the 2016 elections and four years after former President Donald Trump left office spewing a flurry of falsehoods in a scorched-earth campaign to undermine the integrity of U.S. voting, things look a little different. When...

Uniting Cybersecurity and Marketing – cyberpro

A Strategic Approach to Empower Business Growth Once upon a time, in the bustling realm of modern business, there emerged a dynamic duo: Cybersecurity and Marketing. In a world where digital presence is the heartbeat of commerce, this pair proved essential. Our story begins with an insightful look at how integrating these two realms is […] The post...

Why Cybersecurity is a Must for Successful Digital Marketing Campaigns – cyberpro

In our environment, successful marketing campaigns rely heavily on the use of data and technology. However, with this increased reliance comes an increased risk of cyber threats. For business owners and marketing professionals, understanding the critical role cybersecurity plays in digital marketing is essential to protect your brand, your data, and your customers. Here’s why […] The post...

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution – The Hacker News

GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user. The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0. “An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to...

New Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram – The Hacker News

Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages. Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels...

WordPress plugin and theme developers told they must use 2FA – Graham Cluley

Starting October 1, WordPress plugin and theme developers must enable 2FA. This move aims to boost security and help prevent supply-chain attacks from targeting millions of websites. Read more in my article on the Tripwire State of Security blog.

British teen arrested over cyberattack on London transportation agency – AJ Vicens

British authorities on Thursday announced the arrest of a teenager last week in connection with a cyberattack targeting Transport for London, the agency responsible for running the city’s sprawling network of public transportation. The unnamed 17-year-old male was arrested Sept. 5 in Walsall, a town outside of Birmingham in the West Midlands, England, according to a statement from...

Exploiting Exchange PowerShell After ProxyNotShell: Part 2 – ApprovedApplicationCollection – Piotr Bazydło

As you may know, I recently presented my Exchange-related talk during OffensiveCon 2024. This series of 4 blog posts is meant to supplement the talk and provide additional technical details. You can read the first post in this series here. In part 2, I describe the ApprovedApplicationCollection gadget, which was available for abuse because it did not appear...

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking – The Hacker News

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. “Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions,” Cado Security researchers Tara Gould and Nate Bill said in an analysis published today. “However, Selenium Grid’s default configuration lacks...

Beware: New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide – The Hacker News

Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197 countries have been infected by a new malware dubbed Vo1d (aka Void). “It is a backdoor that puts its components in the system storage area and, when commanded by attackers, is capable of secretly downloading and installing third-party software,” Russian...

Mastercard buys Recorded Future for $2.65 billion – Christian Vasquez

There are some things money can’t buy; for Mastercard, the cybersecurity firm Recorded Future wasn’t one of those things. The financial payment behemoth announced Thursday that it reached an agreement to acquire the threat intelligence company for $2.65 billion, representing a major expansion of its cybersecurity services. “Recorded Future adds to how we deliver that greater peace of...

Ireland’s Watchdog Launches Inquiry into Google’s AI Data Practices in Europe – The Hacker News

The Irish Data Protection Commission (DPC) has announced that it has commenced a “Cross-Border statutory inquiry” into Google’s foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. “The statutory inquiry concerns the question of whether Google has complied...

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack – The Hacker News

Iraqi government networks have emerged as the target of an “elaborate” cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister’s Office and the Ministry of Foreign Affairs, cybersecurity company Check Point said in a new analysis. OilRig, also called APT34, Crambus, Cobalt Gypsy, GreenBug,...

Top 3 Threat Report Insights for Q2 2024 – The Hacker News

Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024. Key Insights from the Q2 2024 Cato CTRL SASE Threat Report The report is...

Smashing Security podcast #384: A room with a view, AI music shenanigans, and a cocaine bear – Graham Cluley

It’s a case of algorithm and blues as we look into an AI music scam, Ukraine believes it has caught a spy high in the sky, and a cocaine-fuelled bear goes on the rampage. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers – The Hacker News

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024. “Accounts with commit access can push updates and changes to plugins and themes used by millions of WordPress sites worldwide,” the...

Election officials say U.S. Postal Service woes place election mail at risk – Tim Starks

Election officials sounded the alarm Wednesday in a letter to the U.S. Postal Service that says the agency needs to take urgent action to improve the delivery of election-related mail like mail-in ballots. The letter, representing state and local election officials in all 50 states and the District of Columbia, comes shortly after the Postal Service touted its...

WordPress.org to require two-factor authentication for plugin developers – Christian Vasquez

Developers rejoice: WordPress.org will be beefing up default security practices by requiring accounts to enable two-factor authentication if they have direct access to the codebases that power plugins and themes. The move, which will take effect Oct. 1, is aimed at preventing hijacked developer accounts from spreading malicious code to the likely hundreds of millions of sites using...

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances – The Hacker News

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws. Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to a new report by French cybersecurity company Sekoia. “The Quad7 botnet operators appear to be...

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe – The Hacker News

A “simplified Chinese-speaking actor” has been linked to a new campaign that has targeted multiple countries in Asia and Europe with the end goal of performing search engine optimization (SEO) rank manipulation. The black hat SEO cluster has been codenamed DragonRank by Cisco Talos, with victimology footprint scattered across Thailand, India, Korea, Belgium, the Netherlands, and China. “...

Taylor Swift cites AI-generated images from Trump campaign in Harris endorsement – djohnson

Taylor Swift said she would support Democratic Vice President Kamala Harris for president shortly after Tuesday night’s debate ended, taking a shot along the way at former president Donald Trump’s use of artificial intelligence and deepfake images to falsely claim that she was supporting his campaign. “Recently I was made aware that AI of ‘me’ falsely endorsing Donald...

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate – The Hacker News

The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9, 2024, simultaneously at several locations. The six men, aged between 32...

Why Is It So Challenging to Go Passwordless? – The Hacker News

Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, “If it sounds too good to be true, it probably is.” If your organization is like many, you may be contemplating a move to passwordless authentication. But the...

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware – The Hacker News

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. “The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher Karlo Zanki said. The activity has been assessed to be part...

Hacker pleads guilty after arriving on plane from Ukraine with a laptop crammed full of stolen credit card details – Graham Cluley

A man from New York City has admitted to computer hacking and associated crimes after being caught with a laptop containing hundreds of thousands of stolen payment card details. Read more in my article on the Hot for Security blog.

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities – The Hacker News

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows – CVE-2024-29847 (CVSS score: 10.0) – A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code execution.

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws – The Hacker News

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from...