Category: Attack Feeds

Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail to  – Read More  – The Hacker News 

SUMMARY Cybersecurity researchers at Check Point detected a new version of Banshee Stealer in late September 2024, distributed…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that’s disguised as an employee CRM application as part of a supposed recruitment process. “The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website,” the company said. “Victims are prompted to  – Read More  –...

Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. “The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations, including an  – Read More ...

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote  – Read More  – The Hacker News 

Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they integrate diverse endpoints – from legacy medical devices to IoT sensors – onto their production networks.  – Read More  – The Hacker News 

Ever wonder how those “free” browser extensions that promise to save you money actually work? We dive deep into the controversial world of Honey, the coupon-finding tool owned by PayPal, and uncover a scheme that might be leaving you with less savings and your favorite YouTubers with empty pockets. Plus, we take a look at Kagi, the search engine you...

Discover how AI revolutionizes cybersecurity with real-time threat detection, adaptive protection, and advanced data protection to combat evolving…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

The Space Bears ransomware gang stands out from the crowd by presenting itself better than many legitimate companies, with corporate stock images and a professional-looking leak site. Read more in my article on the Tripwire State of Security blog.  – Read More  – Graham Cluley 

The Federal Communications Commission is tightening up reporting requirements that are meant to prove agencies are cracking down on robocalling and phone number spoofing. The commission voted Wednesday to adopt new rules that would put in place stricter filing requirements for the Robocall Mitigation Database, a system used by communications providers to report compliance with federal regulations around combating robocalls....

Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as create and  – Read More ...

A year after a series of vulnerabilities impacting a pair of Ivanti VPN products prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency to federal agencies, the Utah-based software firm is again experiencing issues with one of its signature systems. The company on Wednesday disclosed two vulnerabilities — CVE-2025-0282 and CVE-2025-0283 — that were affecting Ivanti Connect Secure...

For the upcoming Pwn2Own Automotive contest a total of 4 head units have been selected. One of these is the single DIN Sony XAV-AX8500 that offers a variety of functionality such as wired and wireless Android Auto and Apple CarPlay as well as USB media playback and more. This blog post presents internal photos of the XAV-AX8500 boards and highlights...

Torrance, United States / California, 9th January 2025, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

Explore top cybersecurity risks in crypto, including phishing, ransomware, and MitM attacks. Learn practical tips to safeguard your…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

SUMMARY Cybersecurity researchers at watchTowr have identified over 4,000 live hacker backdoors, exploiting abandoned infrastructure and expired domains.…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

[[{“value”:”Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. “Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development allows it to”}]]  – Read More  –...

[[{“value”:”As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.  Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription...

[[{“value”:”Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection.The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom in 2024. Are you prepared to...

[[{“value”:”Japan’s National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019. The primary objective of the attack campaign is to steal information related to Japan’s national”}]]  – Read More  – The Hacker...

[[{“value”:”The ICAO, the UN aviation agency tasked with keeping our skies safe, just got hacked… again. This time, a hacker is offering to sell the personal data of 42,000 job applicants. Read more in my article on the Hot for Security blog.”}]]  – Read More  – Graham Cluley 

[[{“value”:”Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could then”}]]  – Read More  –...

[[{“value”:”The European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc’s own data privacy regulations. The development marks the first time the Commission has been held liable for infringing stringent data protection laws in the region. The court determined that”}]] ...

[[{“value”:”Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2″}]]  – Read More  –...

​Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. […]  – Read More  – BleepingComputer 

Over 4,000 abandoned but still active web backdoors were hijacked and their communication infrastructure sinkholed after researchers registered expired domains used for commanding them. […]  – Read More  – BleepingComputer 

Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. […]  – Read More  – BleepingComputer 

SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” […]  – Read More  – BleepingComputer 

Russian internet service provider Nodex confirmed on Tuesday that its network was “destroyed” in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance […]  – Read More  – BleepingComputer 

Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]  – Read More  – BleepingComputer 

[[{“value”:” Every chief information security officer worth their salt spends time thinking about the problem of shadow IT in their enterprise. Systems, hardware or infrastructure that might have been connected to your network years ago, for reasons no one can remember, were then summarily forgotten until years later when they become an entry point in a data breach or compromise....

– [[{“value”:”Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security mechanisms that could otherwise flag it as malicious. While there are safeguards...

– [[{“value”:” Microsoft is petitioning a Virginia court to seize software and shut down internet infrastructure that they allege is being used by a group of foreign cybercriminals to bypass safety guidelines for generative AI systems. In a filing with the Eastern District Court of Virginia, Microsoft brought a lawsuit against ten individuals for using stolen credentials and custom software...

– Reflecting on 2024, it has been an eventful year for the Zero Day Initiative Threat Hunting team. Throughout the year, we identified numerous threat actor campaigns exploiting zero-day vulnerabilities, uncovered additional variants of these vulnerabilities, and discovered even more vulnerabilities through our in-the-wild research. In this blog, we will highlight some of the key achievements of the Zero Day...

– [[{“value”:”Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. “The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques,” Cyfirma said in a technical analysis published last week. “It employs”}]]  – Read More ...

– 2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that...

– [[{“value”:”A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.”}]]  – Read More  – The Hacker...

– [[{“value”:”The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices. “IoT products can be susceptible to a range of security vulnerabilities,” the U.S. Federal Communications Commission (FCC) said. “Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear”}]]  – Read More ...

– [[{“value”:”The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow an attacker”}]]  – Read...