Category: Attack Feeds

– Microsoft’s November 2024 Patch Tuesday update fixes 91 security vulnerabilities, including four zero-day vulnerabilities. Critical fixes address actively…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:” The telecommunications industry, airlines, and some power generation utilities have elevated cyber risks due to digitization and lax security practices, according to a new report from Moody’s Rating that places the sectors in the “high risk” category. The financial ratings service released a cyber heat map Tuesday that looks at the risk profiles of 71 sectors globally and...

– [[{“value”:” Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The zero-day flaw tracked as CVE-2024-49039 is a bug in...

– [[{“value”:” Managed services provider Trustwave and cybersecurity software company Cybereason announced a merger on Tuesday, with the hopes of expanding market share and using each company’s product portfolio to boost the others’ offerings.  Terms were not disclosed. The transaction is supposed to close in early 2025, pending customary closing conditions and regulatory approvals.  The two companies described the merger...

– Aftermath of MOVEit vulnerability: Data vigilante ‘Nam3L3ss’ leaks nearly 8 million employee records from industry giants like Amazon,…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”In episode 24 of The AI Fix, Mark makes an unforgivable error about the Terminator franchise, our hosts wonder if a “seductive” government chatbot will make it easier to talk about tax, a radio station abandons its three month AI experiment after a week, and OpenAI parks its tanks on Google’s lawn. Graham gets cosmic and wonders why we...

– [[{“value”:” President-elect Donald Trump’s selection of Kristi Noem to lead the Department of Homeland Security bodes poorly for the agency’s cybersecurity grants to state and local governments, given her opposition to the program while serving as chief executive of her state. Trump will nominate the South Dakota governor to serve as secretary of DHS, numerous news outlets reported Tuesday....

– [[{“value”:” It’s not quite the holiday season, despite what some early decorators will have you believe. It is the second Tuesday of the month, and that means Adobe and Microsoft have released their regularly scheduled updates. Take a break from your regular activities and join us as we review the details of their latest security alerts. If you’d rather...

– [[{“value”:”Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D’ Luffy) on the Runion forum earlier this August, is advertised as a tool that allows criminal actors to extract email addresses...

– [[{“value”:”Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the”}]]  –...

– [[{“value”:” United States authorities have publicly released their indictment of two suspected cybercriminals, allegedly responsible for breaking into the cloud platforms used by major companies, including AT&T.  Connor Moucka and John Binns are accused of executing an international hacking and extortion scheme targeting over 10 organizations, with demands for ransom following the theft of sensitive data. They reportedly extorted...

– Romance Scammer Sentenced to 25 Years for Hostage-Taking. The Venezuelan national lured US citizens via online dating and…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– SlashNext researchers have discovered a new, sophisticated phishing tool GoIssue targeting GitHub developers. Learn about its capabilities, the…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which made the discovery based on artifacts uploaded to the VirusTotal platform earlier this month, said...

– [[{“value”:” Hackers associated with North Korea were discovered embedding malware inside macOS applications built with an open-source software development kit, according to researchers at Jamf, a company that makes software geared toward mobile device management.  The research, released Tuesday, details malware discovered in November by researchers on VirusTotal, a popular online file analysis tool. While the code was malicious,...

– Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leveraging behavioral insights during alert triage and investigation, SOCs can transform their workflows to become more  – Read More  – The Hacker...

– [[{“value”:”Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. Read more in my article on the Tripwire State of Security blog.”}]]  – Read More  – Graham Cluley 

– [[{“value”:”Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. “Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness,” Russian cybersecurity vendor Kaspersky said. “Threat actors leveraged an unconventional blend”}]]  – Read More  – The...

– [[{“value”:” As organizations continue to align their operational strategies with evolving digital ecosystems and technologies, the concept of network resilience has become a priority. A major mindset shift is that modern networks must be designed not just for speed and efficiency but also for flexibility, security, and the ability to hold out against disruptions. Whether due to an influx...

– A vulnerability in Microsoft Bookings can expose your organization to serious security risks. Learn how attackers can exploit…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. “In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: ‘Are Bengal Cats legal in Australia?,’” Sophos researchers Trang Tang,...

– TEL AVIV, Israel, 11th November 2024, CyberNewsWire  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– A critical security vulnerability in Palo Alto Networks’ Expedition tool is being actively exploited by hackers. CISA urges…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– Bitcoin Fog operator sentenced to 12.5 years for laundering $400M in crypto. The dark web’s longest-running mixer processed…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”SelectBlinds, a popular online retailer of blinds and shades, has disclosed a security breach that has impacted 206,238 of its customers. Hackers successfully managed to embed malware onto the company’s website, capable of stealing sensitive information, including credit card details, names, addresses, phone numbers, and login credentials. Read more in my article on the Hot for Security blog.”}]]  –...

– ⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality. Today’s attackers have become so sophisticated that they’re using our trusted tools as...

– [[{“value”:”Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.”}]]  –...

– [[{“value”:”Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10 – AOS-10.4.x.x: 10.4.1.4 and below Instant AOS-8.12.x.x: 8.12.0.2 and below Instant AOS-8.10.x.x:”}]]  – Read More  – The Hacker News 

– [[{“value”:”Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week. The server-side weaknesses “allow attackers to hijack important servers in the”}]]  – Read More  – The Hacker News 

– [[{“value”:”Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT “provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer,” Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. “However, threat actors have”}]]  – Read...

– With cybersecurity threats continuously evolving, having a strong incident response (IR) plan is crucial for businesses of all…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:” The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI said it has...

– This article explains the inner workings of the Remcos RAT, a dangerous malware that uses advanced techniques to…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:”Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. “Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface,” the company said. “At this time, we do not know...

– [[{“value”:”The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed money-transmitting business earlier this March. The U.S. Department of Justice (DoJ)”}]]  – Read...

– Hackers can exploit critical vulnerabilities in Mazda’s infotainment system, including one that enables code execution via USB, compromising…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– Last month, Sophos X-Ops reported several MDR cases where threat actors exploited a vulnerability in Veeam backup servers. We continue to track the activities of this threat cluster, which recently included deployment of a new ransomware. The vulnerability, CVE-2024-40711, was used as part of a threat activity cluster we named STAC 5881. Attacks leveraged compromised […]  – Read More ...

– [[{“value”:”The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. “This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures,” CloudSEK said in a”}]]  – Read More  – The Hacker News 

– [[{“value”:”A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. “This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available”}]] ...

– [[{“value”:”High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point”}]]  – Read...

– We’ve all heard a million times: growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and medium-sized businesses (SMBs) are increasingly targeted by cyberattacks but often lack the resources for full-time Chief Information Security Officers (CISOs). This gap is driving the rise of the virtual CISO (vCISO) model, offering a cost-effective  –...

– [[{“value”:”Let’s face it—traditional security training can feel as thrilling as reading the fine print on a software update. It’s routine, predictable, and, let’s be honest, often forgotten the moment it’s over. Now, imagine cybersecurity training that’s as unforgettable as your favorite show. Remember how “Hamilton” made history come alive, or how “The Office” taught us CPR (Staying Alive beat,...

– [[{“value”:”Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The “intriguing” campaign, codenamed CRON#TRAP, starts with a malicious Windows shortcut (LNK) file likely distributed in the form of a ZIP archive via a phishing email. “What makes the CRON#”}]] ...

– [[{“value”:”The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.3), concerns a case of missing authentication in the Expedition migration tool that”}]]  – Read More  – The Hacker...

– SteelFox malware targets software pirates through fake activation tools, stealing credit card data and deploying crypto miners. Learn…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:” Multiple vulnerabilities have been discovered in the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, such as the Mazda 3 model year 2014-2021. Like in so many cases, these vulnerabilities are caused by insufficient sanitization when handling attacker-supplied input. A physically present attacker could exploit these vulnerabilities by connecting a specially crafted USB device...

– The malicious Python package “Fabrice” on PyPI mimics the “Fabric” library to steal AWS credentials, affecting thousands. Learn how…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News 

– [[{“value”:” The Transportation Security Administration issued long-waited proposed cyber mandates Thursday that would set in stone, harmonize, and add to the emergency security directives first issued following the Colonial Pipeline ransomware attack in 2021. The notice of proposed rulemaking (NOPR) will serve as one of the last major policy actions the Biden administration will take to protect critical infrastructure...

– [[{“value”:” Executive branch agencies were briefing a slate of House committees Thursday about a Chinese hack that infiltrated major telecommunications companies and reportedly targeted the phones of top members of the Donald Trump campaign — including the president-elect himself — and top U.S. officials, according to a source familiar with the plans. The committees receiving the briefing are the...

– CloudSEK reports that the Androxgh0st botnet has integrated with the Mozi botnet and exploits a wide range of…  – Read More  – Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News