Category: Attack Feeds

Meet the winners of the 2024 CyberScoop 50 awards – Greg Otto

– Scoop News Group is delighted to present the outstanding recipients of the 2024 CyberScoop 50 Awards. These prestigious accolades recognize the exceptional achievements of cybersecurity leaders who safeguard our essential networks, data, and infrastructure while pioneering innovation in this critical field. This year, voters from across the nation spent three months nominating and selecting leaders who have exhibited...

Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes – [email protected] (The Hacker News)

– Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly automated. Diagnostics, maintenance, upgrade and adjustments to these critical systems are done –...

Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials – [email protected] (The Hacker News)

– Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. “The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials for – Read More ...

Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel – [email protected] (The Hacker News)

– A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network activity, maintain stealth, and much more,” SafeBreach – Read More –...

Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions – [email protected] (The Hacker News)

– Four members of the now-defunct REvil ransomware operation have been sentenced to several years in prison in Russia, marking one of the rare instances where cybercriminals from the country have been convicted of hacking and money laundering charges. Russian news publication Kommersant reported that a court in St. Petersburg found Artem Zaets, Alexei Malozemov, Daniil Puzyrevsky, and Ruslan –...

Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining – [email protected] (The Hacker News)

– The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale campaign targeting cloud-native environments for mining cryptocurrencies and renting out breached servers to third-parties. “The group is currently targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and cryptominers, using compromised servers and Docker Hub as the infrastructure – Read More –...
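The "exposed Docker daemon" condition that campaign feeds on is usually a dockerd TCP listener started without client-certificate authentication. The following checker is an added example, not code from the TeamTNT report or The Hacker News; it audits a daemon.json for that misconfiguration and shows the weak configuration beside a hardened one. It assumes the daemon.json keys dockerd actually reads (hosts, tlsverify, tlscacert, tlscert, tlskey); both sample configurations are constructed and the certificate paths in them are invented.

```python
"""Added example (not the report's or Docker's own code): audit a Docker
daemon.json for a TCP API listener reachable without client-certificate auth.

Assumed input format: dockerd's daemon.json ("hosts", "tlsverify",
"tlscacert", "tlscert", "tlskey"). The two configs at the bottom are
constructed for illustration; their certificate paths are made up.
"""
from __future__ import annotations

import json
from urllib.parse import urlsplit


def audit_daemon_json(text: str) -> list[str]:
    """Return one finding per problem; an empty list means no exposed listener."""
    cfg = json.loads(text)
    findings: list[str] = []
    tls_verify = cfg.get("tlsverify") is True
    # dockerd falls back to ~/.docker/{ca,cert,key}.pem when these are absent,
    # which is rarely what an operator intends for a system daemon.
    missing_pki = [k for k in ("tlscacert", "tlscert", "tlskey") if not cfg.get(k)]

    for host in cfg.get("hosts", []):
        url = urlsplit(host)
        if url.scheme != "tcp":
            # unix:// and fd:// listeners are guarded by filesystem permissions.
            continue
        bind = url.hostname or "0.0.0.0"  # empty host part binds every interface
        if not tls_verify:
            # Without tlsverify the API is unauthenticated: anyone who can reach
            # the port can start a privileged container and own the host.
            findings.append(
                f"{host}: unauthenticated TCP API listener on {bind} (tlsverify not set)"
            )
        elif missing_pki:
            findings.append(
                f"{host}: tlsverify set but {', '.join(missing_pki)} not configured "
                "(relies on dockerd's default ~/.docker paths)"
            )
    return findings


# Constructed: the classic exposure. Port 2375 is only a convention; the
# problem is the TCP listener without tlsverify, whatever the port.
WEAK_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]
}
"""

# Constructed: same listener, but every client must present a certificate
# signed by the daemon's CA. Paths are invented.
HARDENED_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
  "tlsverify": true,
  "tlscacert": "/etc/docker/pki/ca.pem",
  "tlscert": "/etc/docker/pki/server-cert.pem",
  "tlskey": "/etc/docker/pki/server-key.pem"
}
"""

if __name__ == "__main__":
    for label, text in (("weak", WEAK_DAEMON_JSON), ("hardened", HARDENED_DAEMON_JSON)):
        print(label, audit_daemon_json(text) or ["ok"])
```

The check deliberately ignores the port number: 2375 versus 2376 is convention only, and a listener on an unusual port with no tlsverify is exactly as exposed. Run it against /etc/docker/daemon.json on each host, and remember that `-H tcp://...` flags passed on the dockerd command line (systemd unit, container runtime wrapper) bypass this file entirely and need a separate look.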

CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities – [email protected] (The Hacker News)

– The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. “The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture,” CERT-UA said. “These emails contain attachments in the form of Remote Desktop Protocol (‘.rdp’ – Read More – The...
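An .rdp attachment is plain text, one `name:type:value` setting per line, so it can be triaged statically before anyone double-clicks it. The checker below is an added example, not code from CERT-UA or The Hacker News: it parses an .rdp file and flags the settings that hand a remote host access to the local machine (drive, clipboard and device redirection, RemoteApp mode) plus a connection target outside an allow-list. The allow-list `TRUSTED_RDP_SUFFIXES` is hypothetical, and both sample files are constructed with invented host names.

```python
"""Added example (not CERT-UA's or The Hacker News' code): static triage of
.rdp attachments.

Format assumed: one "name:type:value" per line, type 's' (string) or 'i'
(integer). TRUSTED_RDP_SUFFIXES is a hypothetical allow-list; the two sample
files are constructed and their host names are invented.
"""
from __future__ import annotations

# Hypothetical allow-list: RDP hosts the organisation actually operates.
TRUSTED_RDP_SUFFIXES = (".corp.example",)

# Settings that give the remote host reach into the local machine once the
# session is up. Integer flags enable on "1"; the *storedirect lists enable
# on any non-empty value ("*" means everything).
RISKY_SETTINGS = {
    "drivestoredirect":      ("list", "local drives are shared with the remote host"),
    "devicestoredirect":     ("list", "plug-and-play devices are shared with the remote host"),
    "redirectclipboard":     ("flag", "clipboard is shared with the remote host"),
    "redirectprinters":      ("flag", "local printers are exposed to the remote host"),
    "redirectsmartcards":    ("flag", "smart cards are exposed to the remote host"),
    "remoteapplicationmode": ("flag", "RemoteApp mode: the user never sees a full remote desktop"),
}


def parse_rdp(text: str) -> dict[str, str]:
    """Map setting name -> value, dropping the type field.

    Values may themselves contain ':' (host:port), so split at most twice."""
    settings: dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(":", 2)
        if len(parts) != 3:
            continue  # not a well-formed setting line; ignore it
        name, _type, value = parts
        settings[name.strip().lower()] = value.strip()
    return settings


def assess_rdp(text: str) -> list[str]:
    """Return human-readable findings; an empty list means nothing suspicious."""
    s = parse_rdp(text)
    findings: list[str] = []
    for name, (kind, why) in RISKY_SETTINGS.items():
        value = s.get(name)
        if value is None:
            continue
        enabled = (value != "") if kind == "list" else (value == "1")
        if enabled:
            findings.append(f"{name}:{value}: {why}")
    target = s.get("full address", "")
    host = target.rsplit(":", 1)[0].lower() if ":" in target else target.lower()
    if host and not host.endswith(TRUSTED_RDP_SUFFIXES):
        findings.append(f"full address:{target}: connects to a host outside the allow-list")
    return findings


# Constructed lure: themed like the campaign above, host name invented.
MALICIOUS_RDP = """\
full address:s:rdp.aws-zero-trust-setup.example:3389
drivestoredirect:s:*
redirectclipboard:i:1
redirectprinters:i:0
remoteapplicationmode:i:1
"""

# Constructed internal connection file for comparison.
BENIGN_RDP = """\
full address:s:ts01.corp.example
redirectclipboard:i:0
drivestoredirect:s:
"""

if __name__ == "__main__":
    for label, text in (("malicious", MALICIOUS_RDP), ("benign", BENIGN_RDP)):
        print(label, assess_rdp(text) or ["clean"])
```

The combination to watch for is `drivestoredirect` plus `remoteapplicationmode`: the user sees only a small application window while every local drive is mounted on the attacker's server. Mail-gateway policy that blocks .rdp attachments outright, or the `DisableDriveRedirection`-style client restrictions pushed by Group Policy, is the control this check is a stop-gap for.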

Report: Chinese hackers used telecom access to go after phones of Trump, Vance – Tim Starks

– Federal authorities say they are investigating “unauthorized access to telecommunications commercial infrastructure” from Chinese hackers as news reports allege that the hackers may have used that access to target the phones and data of Republican presidential candidate Donald Trump and vice-presidential candidate J.D. Vance. In a joint statement released Friday, the FBI and the Cybersecurity and Infrastructure Security...

Pennsylvania officials rebut false voter fraud claims from home and abroad – djohnson

– An elections office in key presidential swing state Pennsylvania said a video circulating online this week purporting to depict the destruction of valid ballots is fake, and a prominent disinformation researcher claims a Russian influence actor is behind the effort. The video appeared on X and other social media sites this week showing an unidentified individual opening envelopes...

US offers $10 million bounty for members of Iranian hacking gang – Graham Cluley

– A US $10 million reward is being offered to anyone who has information about four members of an Iranian hacking group. The US government’s Rewards for Justice initiative is making the reward available for information about four men believed to be members of Shahid Hemmat, a hacking gang backed by Iran’s Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC). Read...

Change Healthcare breach affected 100 million Americans, marking a new record – Tim Starks

– The Change Healthcare data breach in February affected 100 million Americans, the company told the Health and Human Services Department this week, making it the biggest breach of health care data ever reported to U.S. regulators. The development is the latest ripple in what was already an unprecedented attack, one in which the company paid a $22 million...

Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite – [email protected] (The Hacker News)

– A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute arbitrary code with elevated privileges. The CERT Coordination Center (CERT/CC), which tracks the vulnerability as CVE-2024-41992, said the susceptible code from the Wi-Fi Alliance has been found deployed on Arcadyan FMIMG51AX000J routers. “This flaw allows an unauthenticated local attacker to – Read More –...

Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security – [email protected] (The Hacker News)

– Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing the research community to inspect and verify the privacy and security guarantees of its offering. PCC, which Apple unveiled earlier this June, has been marketed as the “most advanced security architecture ever deployed for cloud AI compute at scale.” With the new technology, the...

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures – [email protected] (The Hacker News)

– The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making “materially misleading disclosures” related to the large-scale cyber attack that stemmed from the hack of SolarWinds in 2020. The SEC said the companies – Avaya, Check Point, Mimecast, and Unisys – are being penalized for how they handled the disclosure process in...

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof? – [email protected] (The Hacker News)

– Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors. Today, AI-based attacks are not just theoretical threats—they’re happening across industries and outpacing traditional defense mechanisms. The solution, however, is not futuristic. It turns out a properly designed identity security platform is able to deliver defenses – Read More ...

Pwn2Own Ireland 2024: Day Four and Master of Pwn – Dustin Childs

– It’s the final day of our first ever Pwn2Own Ireland. After three days of exploitation, we have awarded $993,625, so it seems likely we will pass the $1,000,000 mark. Still, there are no guarantees in Pwn2Own, so stay tuned for all the results. – Read More – Zero Day Initiative – Blog

Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations – [email protected] (The Hacker News)

– The Irish data protection watchdog on Thursday fined LinkedIn €310 million ($335 million) for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. “The inquiry examined LinkedIn’s processing of personal data for the purposes of behavioral analysis and targeted advertising of users who have created LinkedIn profiles (members),” the Data – Read...

Is the Blockchain Secure? Yes, and Here’s Why – Waqas

– Blockchain, known for its role in cybersecurity, fintech, and cryptocurrencies, raises the question: Is it secure? Absolutely! With… – Read More – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Fortinet warns of active campaign exploiting bug in FortiManager products – Christian Vasquez

– Fortinet and Mandiant are sounding the alarms about an active campaign exploiting a critical bug in FortiManager products that allows a remote hacker to manage associated devices. Mandiant and Fortinet investigated more than 50 organizations this month that were hit by the campaign, but found indications that it started as early as June 27. The Google-owned cybersecurity firm...

HYPR is latest firm to reveal hiring of fraudulent IT worker overseas – djohnson

– The problem of fake remote tech workers attempting to gain employment at Western companies has been in the news quite a bit these days. Quite a bit. But this problem may not be restricted to North Korean operatives, and more and more organizations are stepping up to reveal their own encounters with fake IT employees, while sounding an...

New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics – [email protected] (The Hacker News)

– Cybersecurity researchers have discovered an advanced version of the Qilin ransomware sporting increased sophistication and tactics to evade detection. The new variant is being tracked by cybersecurity firm Halcyon under the moniker Qilin.B. “Notably, Qilin.B now supports AES-256-CTR encryption for systems with AESNI capabilities, while still retaining Chacha20 for systems that lack this support – Read More – The...

NotLockBit: ransomware discovery serves as wake-up call for Mac users – Graham Cluley

– Historically, Mac users haven’t had to worry about malware as much as their Windows-using cousins. But that doesn’t mean that Mac users should be complacent. And the recent discovery of a new malware strain emphasises that the threat – even if much smaller than on Windows – remains real. Read more in my article on the Tripwire State of...

AWS Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks – [email protected] (The Hacker News)

– Cybersecurity researchers have disclosed a security flaw impacting Amazon Web Services (AWS) Cloud Development Kit (CDK) that could have resulted in an account takeover under specific circumstances. “The impact of this issue could, in certain scenarios, allow an attacker to gain administrative access to a target AWS account, resulting in a full account takeover,” Aqua said in a report...

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack – [email protected] (The Hacker News)

– Cisco on Wednesday said it has released updates to address an actively exploited security flaw in its Adaptive Security Appliance (ASA) that could lead to a denial-of-service (DoS) condition. The vulnerability, tracked as CVE-2024-20481 (CVSS score: 5.8), affects the Remote Access VPN (RAVPN) service of Cisco ASA and Cisco Firepower Threat Defense (FTD) Software. Arising due to resource –...

Researchers out new Qilin ransomware-as-a-service variant – Christian Vasquez

– Ransomware developers are used to their malware being detected. Once defenses against it have been built, they revise and update their code to circumvent those defenses. Then developers deploy an updated version in renewed attacks, often with increased sophistication, to evade detection and achieve their malicious objectives. That cycle has started anew with the Qilin ransomware-as-a-service operation, according...

Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA – [email protected] (The Hacker News)

– Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us for so long that we somehow overlooked them. When the Department of Homeland Security, through the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, issues a cybersecurity warning and prescribes specific action, it’s a pretty good...

Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices – [email protected] (The Hacker News)

– The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel attack chain in May 2024 that targeted the personal computer of an unnamed Russian national with the Manuscrypt backdoor. This entails...

Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation – [email protected] (The Hacker News)

– Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild. Tracked as CVE-2024-47575 (CVSS score: 9.8), the vulnerability is also known as FortiJump and is rooted in the FortiGate to FortiManager (FGFM) protocol. “A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may – Read More ...

Pwn2Own Ireland 2024: Day Three Results – Dustin Childs

– Welcome to Day Three of our first ever Pwn2Own Ireland competition! We’ve already awarded $874,875, and we have 15 attempts left to go. Will we hit the $1,000,000 mark or will all remaining attempts end up in bug collisions? Stay tuned to find out. All times are Irish Standard Time (GMT +1:00). – Read More – Zero...

Smashing Security podcast #390: When security firms get hacked, and your new North Korean remote worker – Graham Cluley

– The SolarWinds have returned to haunt four cybersecurity companies who tried to hide their breaches and ended up with their trousers around their ankles, and North Korea succeeds in getting one of its IT workers hired… but what’s their plan? All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity...

New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection – [email protected] (The Hacker News)

– New variants of a banking malware called Grandoreiro have been found to adopt new tactics in an effort to bypass anti-fraud measures, indicating that the malicious software is continuing to be actively developed despite law enforcement efforts to crack down on the operation. “Only part of this gang was arrested: the remaining operators behind Grandoreiro continue attacking users all...

CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094) – [email protected] (The Hacker News)

– A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-38094 (CVSS score: 7.2), has been described as a deserialization vulnerability impacting SharePoint that could result – Read More – The Hacker News

Permiso State of Identity Security 2024: A Shake-up in Identity Security Is Looming Large – [email protected] (The Hacker News)

– Identity security is front and center given all the recent breaches that include Microsoft, Okta, Cloudflare and Snowflake to name a few. Organizations are starting to realize that a shake-up is needed in terms of the way we approach identity security both from a strategic but also a technology vantage point. Identity security is more than just provisioning access ...

5 cyber issues the next presidential administration needs to prioritize immediately – Greg Otto

– The United States remains highly vulnerable to the negative economic and security impacts posed by cyber threats. Despite the robust work of numerous administrations, our nation’s critical infrastructure still lacks resiliency and we have failed to secure our most systemically important entities. In order for this to change, cybersecurity must be an essential, day-one policy priority for the...

The Global Surveillance Free-for-All in Mobile Ad Data – BrianKrebs

– Not long ago, the ability to digitally track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a dangerous power that should remain only within the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access...

Ransomware Gangs Use LockBit’s Fame to Intimidate Victims in Latest Attacks – [email protected] (The Hacker News)

– Threat actors have been observed abusing Amazon S3 (Simple Storage Service) Transfer Acceleration feature as part of ransomware attacks designed to exfiltrate victim data and upload them to S3 buckets under their control. “Attempts were made to disguise the Golang ransomware as the notorious LockBit ransomware,” Trend Micro researchers Jaromir Horejsi and Nitesh Surana said. “However, such is –...
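Because the destination buckets sit in the attacker's own AWS account, the victim's CloudTrail never sees the uploads; the victim-side signal is on the network, where clients resolve and connect to the accelerate endpoints (`<bucket>.s3-accelerate.amazonaws.com`, or the dualstack variant) instead of the regional S3 hostnames. The detection below is an added example, not code from Trend Micro or The Hacker News: it walks DNS query records, picks out accelerate-endpoint lookups, recovers the bucket name from the hostname, and reports sources that are not on an allow-list of machines expected to use acceleration. The `EXPECTED_ACCELERATE_CLIENTS` allow-list and the tab-separated log format are hypothetical, and the sample log lines are constructed with invented addresses and bucket names.

```python
"""Added example (not Trend Micro's or The Hacker News' code): flag DNS lookups
of S3 Transfer Acceleration endpoints from hosts that have no business using
them, a victim-side signal for the exfiltration technique described above.

Assumptions: log lines are "epoch<TAB>src_ip<TAB>qname" (hypothetical format;
adapt the parser to Zeek dns.log, Windows DNS debug logs, etc.);
EXPECTED_ACCELERATE_CLIENTS is a hypothetical allow-list; the sample log is
constructed, with invented addresses and bucket names.
"""
from __future__ import annotations

from collections import defaultdict

# Documented Transfer Acceleration endpoint suffixes.
ACCELERATE_SUFFIXES = (
    "s3-accelerate.amazonaws.com",
    "s3-accelerate.dualstack.amazonaws.com",
)

# Hypothetical: machines that legitimately upload through accelerate endpoints.
EXPECTED_ACCELERATE_CLIENTS = {"10.20.0.15"}


def is_accelerate_host(qname: str) -> bool:
    """True for the bare accelerate endpoint or any <bucket>. prefix of it."""
    h = qname.lower().rstrip(".")
    return any(h == s or h.endswith("." + s) for s in ACCELERATE_SUFFIXES)


def bucket_from_host(qname: str) -> str | None:
    """Virtual-hosted-style names put the bucket before the endpoint suffix."""
    h = qname.lower().rstrip(".")
    for s in ACCELERATE_SUFFIXES:
        if h.endswith("." + s):
            return h[: -len(s) - 1]
    return None


def parse_dns_log(text: str) -> list[tuple[float, str, str]]:
    """Parse the hypothetical TSV format into (timestamp, src_ip, qname)."""
    records = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        ts, src, qname = line.split("\t", 2)
        records.append((float(ts), src, qname))
    return records


def detect_accelerate_lookups(text: str) -> list[dict]:
    """Group accelerate-endpoint lookups by (source, bucket) and report those
    from sources outside the allow-list, with first-seen time and count."""
    seen: dict[tuple[str, str | None], list[float]] = defaultdict(list)
    for ts, src, qname in parse_dns_log(text):
        if not is_accelerate_host(qname) or src in EXPECTED_ACCELERATE_CLIENTS:
            continue
        seen[(src, bucket_from_host(qname))].append(ts)
    return [
        {"src": src, "bucket": bucket, "first_seen": min(times), "count": len(times)}
        for (src, bucket), times in sorted(seen.items())
    ]


# Constructed log: one approved backup host, one workstation talking to an
# accelerate endpoint for a bucket nobody in the organisation owns.
SAMPLE_DNS_LOG = """\
1729589643.120\t10.20.0.15\tcorp-backups.s3-accelerate.amazonaws.com
1729589701.552\t10.20.3.41\texfil-drop-7f3a.s3-accelerate.amazonaws.com
1729589702.001\t10.20.3.41\texfil-drop-7f3a.s3-accelerate.amazonaws.com
1729589710.330\t10.20.3.41\tlogin.microsoftonline.com
1729589720.004\t10.20.5.9\ts3.eu-west-1.amazonaws.com
"""

if __name__ == "__main__":
    for hit in detect_accelerate_lookups(SAMPLE_DNS_LOG):
        print(hit)
```

The same `is_accelerate_host` test applies to TLS SNI in proxy or Zeek ssl.log records, which survives clients that bypass the corporate resolver. Expect to tune the allow-list: CDN-style uploads from a build farm or a backup appliance are the normal users of acceleration; a user workstation resolving an unknown bucket's accelerate hostname at volume is the case worth a ticket.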

Think You’re Secure? 49% of Enterprises Underestimate SaaS Risks – [email protected] (The Hacker News)

– It may come as a surprise to learn that 34% of security practitioners are in the dark about how many SaaS applications are deployed in their organizations. And it’s no wonder—the recent AppOmni 2024 State of SaaS Security Report reveals that only 15% of organizations centralize SaaS security within their cybersecurity teams. These statistics not only highlight a critical...