Infosecurity News
Windows Quick Assist Exploited in Ransomware Attacks
Microsoft warned Storm-1811 started vishing attacks in April to gain access to target devices
Cyber Security News
Critical SAP NetWeaver & CX Commerce Flaw Leads To Complete Takeover
Three vulnerabilities have been discovered in SAP Customer Experience (CX) commerce cloud and SAP Netweaver Application which were
The Hacker News
Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks
Beware of Storm-1811! This financially motivated group is abusing Microsoft's Quick Assist tool in social engineering attacks.
SC Magazine
Microsoft’s Quick Assist used in scam to drop Black Basta ransomware
Threat actors use the remote management tool and social engineering to access victims’ systems and install malware.
Bleeping Computer
Nissan North America data breach impacts over 53,000 employees
Nissan North America (Nissan) suffered a data breach last year when a threat actor targeted the company's external VPN and shut down systems to receive a ransom.
The Hacker News
Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps
Android 15 introduces new features to prevent malicious apps from capturing your sensitive data. Find out more about these crucial updates:
Ars Technica
SSH backdoor has infected 400,000 Linux servers over 15 years and keeps on spreading
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
Infosecurity News
PDF Exploitation Targets Foxit Reader Users
CPR said exploit builders in .NET and Python have been employed to deploy this malware
HACKRead
MITM Attacks Can Still Bypass FIDO2 Security, Researchers Warn
Researchers warn that hackers can bypass FIDO2 phishing-resistant protections under certain conditions using a sophisticated MITM technique.
DarkReading
Unprotected Session Tokens Can Undermine FIDO2 Security
While the protocol has made passwordless authentication a reality, token-binding is key to prevent against token theft and reuse, security vendor says.
Krebs on Security
Patch Tuesday, May 2024 Edition
Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two "zero-day" vulnerabilities in Windows that are already being exploited in active attacks. There are also important security patches available for macOS…
The Hacker News
MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices
MITREcorp has launched EMB3D, a new threat-modeling framework for embedded devices used in critical infrastructure.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
The Hacker News
FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT
The notorious FIN7 hacking group is at it again! This time, they're using malicious Google ads to trick users into downloading malware disguised as le
Cyber Security News
Critical Next.js Vulnerability Let Attackers Compromise Server Operations
Two new vulnerabilities have been discovered in Next.js which were related to response queue poisoning and SSRF on certain Next.js versions.
CSO
CISA inks 68 tech vendors to secure-by-design pledge — but will it matter?
CISA’s pledge drew some big names, but the impact on software security could be limited. Meanwhile the org has extended its comment period on the CIRCIA cyberattack reporting law.
DarkReading
Is CISA's Secure by Design Pledge Toothless?
CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.
CyberSecurity Dive
White House wants to hold the software sector accountable for security
Federal officials are taking steps toward a long-stated goal of shifting the security burden from technology users to the companies that build it.
The Cyber Express
Lenovo Joins Secure by Design Pledge, Enhancing Cybersecurity Standards
Lenovo takes a bold step towards fortifying cybersecurity by joining the Secure by Design pledge, initiated by the US Cybersecurity
The Hacker News
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
%20(1).png)
Cyber Security News
Microsoft to Make Security a Top Priority, Above All
Microsoft announced a major shift in its operational priorities, placing security at the forefront of its agenda, above other considerations.
SecurityWeek
BetterHelp Customers Begin Receiving Refund Notices From $7.8M Data Privacy Settlement, FTC Says
BetterHelp customers have started receiving refund notices from a $7.8 million data privacy settlement, the FTC says.
CyberSecurity Dive
68 tech, security vendors commit to secure-by-design practices
CISA said companies ranging from Microsoft to Palo Alto Networks signed the voluntary pledge in an effort to boost resiliency and increase transparency around CVEs and cyberattacks.
The Record
With nation-state threats in mind, nearly 70 software firms agree to Secure by Design pledge
CISA Director Jen Easterly said the voluntary pledge by software companies is important because of widespread nation-state hacking campaigns, including the Volt Typhoon operation attributed to China.
HACKRead
IntelBroker Hacker Claims Breach of Top Cybersecurity Firm, Selling Access
The norotious IntelBroker hackers claims to have breached a leading cybersecurity company selling its access for $20,000 in XMR cryptocurrency.
DarkReading
Microsoft Will Hold Execs Accountable for Cybersecurity
At least a portion of executive compensation going forward will be tied to meeting security goals and metrics.
Security Affairs
MITRE attributes the recent attack to China-linked UNC5221
MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence.
Ars Technica
Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers.
Security Affairs
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Hacker News
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
Ars Technica
Microsoft plans to lock down Windows DNS like never before. Here’s how.
ZTDNS brings the best of both worlds to DNS: encryption and fine-grained control.
CyberNews
Google trial wraps, judge weighs landmark US antitrust claims
Google and the US Justice Department wrap up closing arguments over claims that parent company Alphabet unlawfully dominated web search and related advertising.
HACKRead
New Goldoon Botnet Targeting D-Link Devices by Exploiting Weak Credentials
A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. pen_spark
Ars Technica
Microsoft ties executive pay to security following multiple failures and breaches
Microsoft has been criticized for "preventable" failures and poor communication.
SecurityWeek
Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report
Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to put security above all other product features.
SecurityWeek
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
SecurityWeek
CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities
CISA and the FBI warn of threat actors abusing path traversal software vulnerabilities in attacks targeting critical infrastructure.
The Hacker News
Google Announces Passkeys Adopted by Over 400 Million Accounts
Google announces over 400 million accounts now use passkeys - the passwordless authentication solution.
The Hacker News
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Aruba Networking has released critical security patches for ArubaOS. Four flaws could allow remote code execution, giving attackers full control.
Security Affairs
Pro-Russia hackers target critical infrastructure in North America and Europe
Government agencies from the US, Canada and the UK warn of Russian threat actors targeting critical infrastructure in North America and Europe
Security Affairs
HPE Aruba Networking addressed four critical ArubaOS RCE flaws
HPE Aruba Networking addressed four critical remote code execution vulnerabilities impacting its ArubaOS network operating system.
CyberNews
Authorities urging immediate action against pro-Russian hacktivist attacks
Independent and ideologically motivated pro-Russian hacktivists can physically threaten insecure and misconfigured operational technology devices.
DarkReading
Tech Tip: Why Haven't You Set Up DMARC Yet?
DMARC adoption is more important than ever following Google's and Yahoo's latest mandates for large email senders. This Tech Tip outlines what needs to be done to enable DMARC on your domain.
SecurityWeek
Russian Hackers Target Industrial Systems in North America, Europe
Government agencies are sharing recommendations following attacks claimed by pro-Russian hacktivists on ICS/OT systems.
Infosecurity News
US and UK Warn of Disruptive Russian OT Attacks
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors
Ars Technica
Hacker free-for-all fights for control of home and office routers everywhere
How and why nation-state hackers and cybercriminals coexist in the same router botnet.
SC Magazine
Pro-Russia hackers target OT weaknesses in critical infrastructure
Government agencies warn industry to improve their operational technology security following breaches of North American and European systems.
Bleeping Computer
US govt warns of pro-Russian hacktivists targeting water facilities
The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations.
CyberSecurity Dive
Hacktivists exploiting poor cyber hygiene at critical infrastructure providers
CISA, the FBI and international partner agencies want water, energy, agriculture and other sectors to immediately reset passwords and apply multifactor authentication.
DarkReading
'Cuttlefish' Zero-Click Malware Steals Private Cloud Data
The newly discovered malware, which has so far mainly targeted Turkish telcos and has links to HiatusRat, infects routers and performs DNS and HTTP hijacking attacks on connections to private IP addresses
CyberScoop
Pro-Russia hacktivists attacking vital tech in water and other sectors, agencies say
Other sectors that the hacktivists — who sometimes pose physical threats — are targeting in North America and Europe include energy and agriculture, according to a Wednesday advisory.
Bleeping Computer
New Cuttlefish malware infects routers to monitor traffic for credentials
A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
The Cyber Express
Best Practices to Secure your Supply Chains
National Supply Chain Day, which was recently observed on April 29, serves as a dedicated day to recognize the critical
Latest Hacking News
Judge0 Vulnerabilities Could Allow Sandbox Escape
A security researcher discovered a security vulnerability in the Judge0 system, which received a patch that could further be bypassed, leading to further vulnerabilities. While the developer eventually patched the issue after repeated exploits, the
The Record
Critical infrastructure operators urged to harden systems against pro-Russia hackers
The Cybersecurity and Infrastructure Security Agency (CISA) and international partners are warning about weak security practices in operational technology (OT) that could be targeted by pro-Russia hackers.
Trend Micro
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.
Ars Technica
AWS S3 storage bucket with unlucky name nearly cost developer $1,300
Amazon says it's working on stopping others from "making your AWS bill explode."
Bleeping Computer
Google now pays up to $450,000 for RCE bugs in some Android apps
Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports.
Cyber Security News
New U.K. Law Bans Default Passwords Like ‘1234’ On Smart Devices
In a significant move to bolster cybersecurity, the United Kingdom has introduced a groundbreaking law aimed at enhancing the security of
Security Affairs
NCSC: New UK law bans default passwords on smart devices
The UK National Cyber Security Centre (NCSC) orders smart device manufacturers to ban default passwords starting from April 29, 2024.
Cyber Security News
A Costly Mistake: How an Empty S3 Bucket Led to a Massive AWS Bill
an AWS customer faced a staggering $1,300 bill for S3 usage, despite creating a single, empty bucket for testing purposes.
The Hacker News
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024
The U.K. is the first country to ban default passwords on smart devices starting April 29, 2024. Manufacturers must provide unique passwords and secur
The Cyber Express
UK Government Law Will Soon Prohibit Passwords Such As “admin” or “12345”
The UK government has taken steps to safeguard consumers from cyberattacks by prohibiting common and easily-guessable passwords such as "admin"
Ars Technica
UK outlaws awful default passwords on connected devices
The law aims to prevent global-scale botnet attacks.
CyberNews
Britain bans simple passwords for smart devices
Internet-connected smart devices will soon be required to meet minimum security standards by law in the UK.
Cyber Security News
Judge0 Security Flaw Let Attackers Run Arbitrary Code & Gain Root Access
Tanto Security has disclosed critical vulnerabilities in the widely-used open-source service Judge0, which could allow attackers to perform a sandbox escape and gain root access to the host machine.
Infosecurity News
New UK Smart Device Security Law Comes into Force Today
IoT manufacturers, retailers and importers must comply with new security legislation, the PSTI act, from today
The Hacker News
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Multiple vulnerabilities have been discovered in the popular Judge0 online code execution system, putting users at risk of complete system compromise.
The DFIR Report
From IcedID to Dagon Locker Ransomware in 29 Days - The DFIR Report
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was … Read More
The Record
UK becomes first country to ban default bad passwords on IoT devices
Britain now has IoT hardware standards that ban weak or easily guessable default passwords such as “admin” or “12345." Manufacturers are also required to publish contact details so users can report bugs.
The Record
Telegram blocks, then unblocks, chatbots used by Ukraine’s intelligence services
Ukraine’s government uses the bots to collect and share real-time information about Russian military activity.
SC Magazine
Ten years of Heartbleed: Lessons learned
A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
Bleeping Computer
Google Chrome's new post-quantum cryptography may break TLS connections
Some Google Chrome users report having issues connecting to websites, servers, and firewalls after Chrome 124 was released last week with the new quantum-resistant X25519Kyber768 encapsulation mechanism enabled by default.
The Hacker News
New 'Brokewell' Android Malware Spread Through Fake Browser Updates
A new Android malware called Brokewell is disguising itself as updates for popular apps like Google Chrome and Klarna
SecurityWeek
Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking
The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password.
SC Magazine
After a 19-month saga, Broadcom finally patches Brocade SANnav bugs
Security pros say given the complexity of SAN management tools, it’s understandable the patches took so long.
Ars Technica
Cisco firewall 0-days under attack for 5 months by resourceful nation-state hackers
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks?
DarkReading
Lights On in Leicester: City Streetlights in Disarray After Cyberattack
The city is stymied in efforts to pinpoint the issue since its IT systems were shut down in the wake of the cyberattack.
CyberSecurity Dive
Vintage Microsoft flaw resurfaces, threat actors attack with golden GooseEgg
State-linked actors are using a custom tool for post exploitation activity of a vulnerability in Windows Print Spooler, which could result in credential theft and backdoor installs.
SecurityWeek
New Password Cracking Analysis Targets Bcrypt
Hive Systems conducts another study on cracking passwords via brute-force attacks, but it’s no longer targeting MD5.
Security Affairs
Street lights in Leicester City cannot be turned off due to a cyber attack
An attack on Leicester City Council resulted in certain street lights remaining illuminated all day and severely impacted its operations
SC Magazine
CoralRaider leverages CDN cache domains in new infostealer campaign
A new CryptBot variant targets password managers and authentication apps in the new campaign.
DarkReading
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
.webp)
Cyber Security News
Leicester City Cyber Attack Leads to Street Light Burning All Day & Night
This issue stems from a severe cyber attack that targeted Leicester City Council's IT systems, leading to a disruptions in city services
The Hacker News
Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases
European police warn that default E2EE could severely hamper efforts to tackle online crimes like child abuse and terrorism.
DarkReading
Nations Require Licensure of Cybersecurity Pros
Malaysia, Singapore, and Ghana are among first countries to mandate licenses for cybersecurity firms to do business, but concerns remain.
SC Magazine
TensorFlow AI models at risk due to Keras API flaw
Arbitrary code in Lambda Layers may be unsafely executed in older versions of Keras.
.webp)
Cyber Security News
Lambda Layers Code Execution Flaw Leads To Supply Chain On AI/ML Applications
A new supply-chain vulnerability has been identified in the Lambda Layers of third-party TensorFlow-based Keras models that could allow
Cyber Security News
Meet the New Flexible Kapeka Backdoor With Destructive Attacking Capabilities
A new backdoor named "Kapeka" has been identified to be attacking victims in Eastern Europe since mid-2022.
CyberNews
European police call to stop encryption on social media
Europol urges politicians and industry leaders “to take urgent action to ensure public safety across social media platforms.”
The Hacker News
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
Major cybercrime groups are under attack by police. But are these takedowns effective? Some groups vanish, others bounce back in DAYS.
Latest Hacking News
Apple Removed Numerous Apps From China App Store
Apple users in China may no longer find various popular apps, such as WhatsApp and Telegram, on the App Store. Apple seemingly removed these apps from the App Store following the Chinese government orders that
The Record
Police warn partnership with tech industry ‘at risk’ over end-to-end encryption
A joint declaration from European police chiefs does not mention Meta by name, but just a few months ago the company began rolling out the technology as default across “all personal chats and calls on Messenger and Facebook.”
The Cyber Express
Enhancing Cybersecurity Resilience: A Guide for Safeguarding Enterprises
by Neelesh Kripalani, Chief Technology Officer, Clover Infotech As businesses grapple with an ever-changing and increasingly hostile threat environment, the
DarkReading
Cisco Warns of Massive Surge in Password Spraying Attacks on VPNs
Attackers are indiscriminately targeting VPNs from Cisco and several other vendors in what may be a reconnaissance effort, company says.
The Hacker News
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
Ukrainian government networks have been compromised by the OfflRouter malware since 2015. This malware is causing sensitive documents to be exposed.
Cyber Security News
Cerber Linux Ransomware Exploits Atlassian Servers To Take Full Control
Hackers often use Linux ransomware due to its prevalence in server environments, offering higher potential payouts from organizations with
Cyber Security News
Kubernetes Clusters Under Attack: Critical OpenMetadata Vulnerabilities Exploited
Microsoft said the attack begins by identifying Kubernetes workloads running OpenMetadata that are exposed to the Internet.
Security Affairs
Cisco warns of a command injection escalation flaw in its IMC
Cisco addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists
The Hacker News
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Vulnerabilities in OpenMetadata are being exploited. These critical security flaws enable hackers to get into Kubernetes environments.
Loading more articles....