The Hacker News
New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks
New Wi-Fi vulnerability discovered! CVE-2023-52424, dubbed "SSID Confusion attack," affects all operating systems and Wi-Fi clients.
The Record
British signals agency to protect election candidates’ phones from cyberattacks
The U.K. government has warned that the accounts of political candidates and election officials are “almost certainly attractive targets for cyber actors looking to carry out espionage operations.”
The Record
Civil society under increasing threats from ‘malicious’ state cyber actors, US
State-linked hackers from Russia, China, Iran and North Korea are setting their sights set their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
Bleeping Computer
Massive webshop fraud ring steals credit cards from 850,000 people
A massive network of 75,000 fake online shops called 'BogusBazaar' tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 2)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
SecurityWeek
Cybersecurity M&A Roundup: 33 Deals Announced in April 2024
Thirty-three cybersecurity-related merger and acquisition (M&A) transactions were announced by companies in April 2024.
Bleeping Computer
Iranian hackers pose as journalists to push backdoor malware
The Iranian state-backed threat actor tracked as APT42 is employing social engineering attacks, including posing as journalists, to breach corporate networks and cloud environments of Western and Middle Eastern targets.
The Hacker News
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
The Hacker News
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Attention SOHO router users! A new malware called Cuttlefish is on the prowl, stealthily monitoring your traffic and stealing authentication data.
The Record
Alleged China-based hackers using ‘Cuttlefish’ malware platform to target Turkey
Cuttlefish infiltrates routers and other networking hardware with the goal of quietly stealing information, Black Lotus Labs says. Most known targets are in Turkey.
Security Affairs
Cuttlefish targets enterprise-grade SOHO routers
Cuttlefish malware targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data.
SecurityWeek
Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data
Malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.
Bleeping Computer
New Cuttlefish malware infects routers to monitor traffic for credentials
A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information.
Bleeping Computer
New Latrodectus malware attacks use Microsoft, Cloudflare themes
Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious.
CSO
Securiti adds distributed LLM firewalls to secure genAI applications
The new offering is aimed at protecting against prompt injection, data leakage, and training data poisoning in LLM systems.
The Cyber Express
‘Unprecedented Scale’ of Credential Stuffing Attacks Observed: Okta
Okta reported an "unprecedented scale" of credential stuffing attacks targeting its identity and access management solutions, resulting in the breach
Security Affairs
Targeted operation against Ukraine exploited 7-year-old MS Office bug
A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike.
SC Magazine
CoralRaider leverages CDN cache domains in new infostealer campaign
A new CryptBot variant targets password managers and authentication apps in the new campaign.
Security Affairs
Akira ransomware received $42M in ransom payments from over 250 victims
Government agencies revealed that Akira ransomware has breached over 250 entities worldwide and received over $42 million in ransom payments.
SecurityWeek
Akira Ransomware Made Over $42 Million in One Year: Agencies
Akira ransomware has hit over 250 organizations worldwide and received over $42 million in ransom payments.
Infosecurity News
Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted
A joint advisory from Europol and US and Dutch government agencies estimated that Akira made around $42m in ransomware proceeds from March 2023 to January 2024
Cyber Security News
5 Sandbox Tools for Phishing Analysis in 2024
Sandbox Tools for Phishing Analysis 2024: 1. Interactivity 2. RSPAMD Integration 3. Suricata Rule Engine 4. MITRE ATT&CK 5.Matrix 6. Phishing Tag.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive.
Cyber Security News
Hackers Weaponize Suspended Domains To Deliver Malware Payload
A recent phishing campaign targeting Latin America utilized emails with ZIP attachments containing an HTML file disguised as an invoice using
The Hacker News
Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme
Latin America targeted in new phishing attack. Emails contain malicious HTML files disguised as invoices.
Bleeping Computer
New HTTP/2 DoS attack can crash web servers with a single connection
Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations.
SecurityWeek
New HTTP/2 DoS Attack Potentially More Severe Than Record-Breaking Rapid Reset
New HTTP/2 DoS method named Continuation Flood can pose a greater risk than Rapid Reset, which has been used for record-breaking attacks.
CyberNews
OWASP reveals member info compromised in February breach
The OWASP foundation for the security of software, apologized to thousands of its members this past weekend after revealing the non-profit was hacked last month.
SecurityWeek
Cybersecurity M&A Roundup: 27 Deals Announced in March 2024
Twenty-seven cybersecurity-related merger and acquisition (M&A) deals were announced in March 2024, same as in February.
SecurityWeek
OWASP Data Breach Caused by Server Misconfiguration
The OWASP Foundation says a wiki misconfiguration exposed resumes filed over a decade ago by aspiring members.
Cyber Security News
Phishing-as-a-Service Platform Launched 20,000 Phishing Domains To Attack 100+ Countries
This sophisticated service enables cybercriminals to launch phishing campaigns across over 20,000 domains.
Cyber Security News
OWASP Data Breach Due to Wiki Web Server Misconfiguration
The Open Web Application Security Project (OWASP) Foundation disclosed a significant data breach. The breach, which was discovered in late February 2024, was caused by a misconfiguration of the foundation's old Wiki web server.
The Record
OWASP Foundation warns members of data breach after discovering 1,000 resumes on Wiki server
The software security nonprofit Open Worldwide Application Security Project (OWASP) said a possible data breach may affect anyone who was a member of the organization from 2006 to 2014.
Security Affairs
OWASP discloses a data breach
The OWASP Foundation disclosed a data breach that impacted some members due to a misconfiguration of an old Wiki web server.
Bleeping Computer
OWASP discloses data breach caused by wiki misconfiguration
The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server.
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report
Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, … Read More
The Hacker News
Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection
Beware of Darcula, a Phishing-as-a-Service platform targeting 100+ countries with over 20,000 fake domains.
.webp)
Cyber Security News
iPhone Users Beware! Darcula Phishing Service Attacking Via iMessage
A new threat has emerged, targeting unsuspecting iPhone users through the seemingly secure iMefofferssage platform.
Bleeping Computer
New Darcula phishing service targets iPhone users via iMessage
A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.
DarkReading
'Tycoon' Malware Kit Bypasses Microsoft, Google MFA
Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
CyberNews
Cloudflare blocked 3.4 billion unwanted emails last year
That would be 9.3 million emails per day, 6,500 per minute, and 108 per second.
DarkReading
'Darcula' Phishing-as-a-Service Operation Bleeds Victims Worldwide
Pervasive and inexpensive phishing kit encompasses hundreds of templates targeting Kuwait Post, Etisalat, Jordan Post, Saudi Post. Australia Post, Singapore Post, and postal services in South Africa, Nigeria, Morocco, and more.
SecurityWeek
Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters
Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters.
The Hacker News
Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice
New phishing campaign uncovered by Trustwave SpiderLabs uses novel malware to deploy Agent Tesla, a notorious information stealer and keylogger.
Infosecurity News
New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns
Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks
Bleeping Computer
New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection.
The Hacker News
Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
Sophisticated attack targets Discord bot site Top.gg + devs. Attackers stole browser cookies, pushed malicious code, and created fake Python packages.
DarkReading
GitHub Developers Hit in Complex Supply Chain Cyberattack
The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.
SecurityWeek
US Government Issues New DDoS Mitigation Guidance
CISA, the FBI, and MS-ISAC have released new guidance on how federal agencies can defend against DDoS attacks.
Ars Technica
Never-before-seen data wiper may have been used by Russia against Ukraine
AcidRain, discovered in 2022, is tied to AcidPour. Both are attributed to Russia.
The Record
Massive Russian missile barrage causes blackouts, internet outages across Ukraine
Russia fired 150 missiles and drones overnight, damaging energy facilities across the country and knocking out power for 1.5 million residents.
Bleeping Computer
Evasive Sign1 malware campaign infects 39,000 WordPress sites
A previously unknown malware campaign called Sign1 has infected over 39,000 websites over the past six months, causing visitors to see unwanted redirects and popup ads.
HACKRead
Microsoft Warns of New Tax Returns Phishing Scams Targeting You
Tax season is underway in the United States, bringing with it the notorious tax returns phishing campaigns targeting taxpayers and businesses.
The Record
Russia says cyberattacks had no impact on presidential election
After officials warned of “massive” efforts to disrupt the presidential vote, Russian authorities claimed cyberattacks had no effect on the election.
.webp)
Cyber Security News
Cyber Security News Weekly Round-Up : Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories
With our weekly cybersecurity news summary, explore and learn about the most recent developments in the cybersecurity field.
Ars Technica
Cut submarine cables cause web outages across Africa; 6 countries still affected
Parts of Africa were already seeing web disruptions from damaged Red Sea cables.
SecurityWeek
Microsoft Copilot for Security Official Launch Date Announced
Microsoft announces that its Copilot for Security generative AI security solution will become generally available on April 1.
DarkReading
CISO Corner: NSA Guidelines; a Utility SBOM Case Study; Lava Lamps
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps.
HACKRead
Tycoon and Storm-1575 Linked to Phishing Attacks on US Schools
These groups launched phishing attacks using stealthy attack patterns to target officials at large US school districts, bypassing MFA protections.
The Cyber Express
Vodafone Egypt Outage: Cyberattack or Upgrade Hiccup?
Vodafone Egypt, the largest mobile operator in the country serving over 40 million customers, finds itself grappling with a partial
PCMag
Cloudflare Is Building a Firewall for AI, Plans to 'Fight AI With AI'
Research suggests new AI security threats are on the horizon. Cloudflare is developing an AI Firewall and is using its own AI tools to defend against AI-powered cyberattacks.
HACKRead
American Express Cardholders Impacted by Third-Party Vendor Data Breach
American Express notified card members of a data breach impacting customer information, emphasizing that its systems were not compromised.
CSO
Cloudflare adds new WAF features to prevent hackers from exploiting LLMs
Added to Cloudflare’s Web Application Firewall (WAF) offerings, Firewall for AI is designed to prevent the exploitation of AI models, specifically generative AI.
The Hacker News
4 Instructive Postmortems on Data Downtime and Loss
Learn from GitLab's 2017 incident: 300GB of data lost in seconds, but their transparent recovery is a masterclass in accountability.
CyberSecurity Dive
Okta, with a bruised reputation, rethinks security from the top down
CSO David Bradbury detailed to Cybersecurity Dive what the identity and access management company got wrong and the security pledges it's making to customers.
The Hacker News
WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites
A critical security flaw (CVE-2024-1071) in the WordPress plugin Ultimate Member has been disclosed, affecting over 200,000 active installations.
The Hacker News
Banking Trojans Target Latin America and Europe Through Google Cloud Run
Cybersecurity experts uncover a surge in phishing attacks using Google Cloud Run to distribute banking malware across LATAM and Europe.
The Hacker News
Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage
Apple's iMessage is getting a major security boost with PQ3, the 'strongest' post-quantum encryption yet
Bleeping Computer
Massive AT&T outage impacts US mobile subscribers
Tens of thousands of U.S. customers from Verizon, T-Mobile, and AT&T have been complaining about lack of wireless service or interruptions on Thursday morning.
DarkReading
'KeyTrap' DNS Bug Threatens Widespread Internet Outages
Thanks to a 24-year-old security vulnerability tracked as CVE-2023-50387, attackers could stall DNS servers with just a single malicious packet, effectively taking out wide swaths of the Internet.
Bleeping Computer
KeyTrap attack: Internet access disrupted with one DNS packet
A serious vulnerability named KeyTrap in the Domain Name System Security Extensions (DNSSEC) feature could be exploited to deny internet access to applications for an extended period.
The Cyber Express
OpenAI Targeted: Alleged Cyberattack by Anonymous Sudan Hits ChatGPT
Anonymous Sudan, a self-proclaimed activist group, allegedly launched a cyberattack on OpenAI, the artificial intelligence (AI) giant, on February 14,
SecurityWeek
KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers
Patches released for a new DNSSEC vulnerability named KeyTrap, described as the worst DNS attack ever discovered.
The Hacker News
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Microsoft's latest Patch Tuesday tackles 73 vulnerabilities, including actively exploited zero-days.
.webp)
Cyber Security News
10 Best Secure Network As a Service for MSP Providers - 2024
Secure Network As a Service for MSP: 1. Perimeter 81 2. Cloudflare 3. Netskope 4. VMware 5. Palo Alto Networks 6. Aarna Networks.
DarkReading
Islamic Nonprofit Infiltrated for 3 Years With Silent Backdoor
Saudi Arabia charity was under surveillance with the modified reverse proxy tool, researchers discovered.
The Hacker News
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
Password spraying, OAuth hijacking, and nation-state attacks – the cybersecurity world is under siege. Learn how to protect your organization.
The Cyber Express
2024: Strengthening Cybersecurity with Zero Trust Networks
By Jonathon Dixon, Vice President and Managing Director - APJC, Cloudflare Digitization and technology are deeply rooted within the DNA
Cyber Security News
10 Best Network as a Service (NaaS) for MSSP Providers - 2024
Network as a Service for MSSP : 1. Perimeter 81 2. Cloudflare 3. Prisma Cloud 4. Megaport 5. Akamai 6. Aryaka 7. Converged Cloud.
Security Affairs
26 Cyber Security Stats Every User Should Be Aware Of in 2024
26 key cyber security stats for 2024 that every user should know, from rising cyber crime rates to the impact of AI technology.
The Cyber Express
CYSEC Qatar 2024: Exclusive Summit for Top IT, OT & Security Leaders
In the past year, 18% of Qatari organizations experienced a cybersecurity incident, with 5% facing more than five incidents. The
The Record
Senegal shuts off internet for second day as president postpones February elections
The shutdown coincides with the passing of a controversial bill to extend the term of President Macky Sall to December, when elections are now scheduled to be held.
The Cyber Express
From Intrusion to Insight: Dissecting the Cyberattack on AnyDesk and its Implications
The compromise of AnyDesk, a prominent remote desktop application distributed by AnyDesk Software GmbH, has caused quite a stir in
The Cyber Express
State Actors vs. Tech Titans: Decoding the Cloudflare Cyberattack
The impact of the massive Okta data breach lingers, continuing to provide an opportunistic terrain for hackers. Cloudflare, a prominent
CSO
Nation-state actor used recent Okta compromises to hack into Cloudflare systems
The hack, which used stolen tokens and credentials, was able to access “some documentation and a limited amount of source code” before being thwarted.
HACKRead
Thousands of Stolen AnyDesk Login Credentials Sold on Dark Web
Cybersecurity researchers have identified threat actors on a dark web forum selling AnyDesk accounts, ranging from 18,000 to 30,000 accounts.
Security Affairs
AnyDesk Incident: Customer Credentials Leaked and Published for Sale on the Dark Web
Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web.
HACKRead
AnyDesk Urges Password Change Amid Security Breach
AnyDesk, a remote desktop software maker, has reportedly become a victim of a cyberattack that compromised its production systems.
The Hacker News
AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
Discover the details of the recent AnyDesk cyber attack, including the company’s swift response to secure its production systems and the steps users s
Bleeping Computer
AnyDesk says hackers breached its production servers, resets passwords
AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack.
Bleeping Computer
AnyDesk says hackers breached its production servers, reset passwords
AnyDesk confirmed today that it suffered a recent cyberattack that allowed hackers to gain access to the company's production systems. BleepingComputer has learned that source code and private code signing keys were stolen during the attack.
DarkReading
Cloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked
The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
HACKRead
Cloudflare Hacked After State Actor Leverages Okta Breach
The aftermath of the 2023 Okta breach continues to unfold, with Cloudflare disclosing the details of its security compromise.
CyberSecurity Dive
Cloudflare hit by follow-on attack from previous Okta breach
A threat actor that previously intruded Cloudflare’s network through its Okta environment regained access with mistakenly unrotated credentials.
DataBreaches
Cloudflare hacked using auth tokens stolen in Okta attack
Sergiu Gatlan reports: Cloudflare disclosed today that its internal Atlassian server was breached by a suspected ‘nation state attacker’ who...
Cyber Security News
Cloudflare's Server Hacked Using Leaked Access Token in Okta Breach
Cloudflare discovered a threat actor on the self-hosted Atlassian server on November 23, 2023. The attack was launched with the use of one stolen access token.
SecurityWeek
Cloudflare Hacked by Suspected State-Sponsored Threat Actor
A nation-state threat actor accessed internal Cloudflare systems using credentials stolen during the Okta hack.
Infosecurity News
Cloudflare Suffers Breach After Failing to Rotate Stolen Credentials
Cloudflare revealed suspected nation-state attackers compromised its systems and accessed source code using credentials stolen in the Okta breach
Security Affairs
Cloudflare breached on Thanksgiving Day, but the attack was promptly contained
Cloudflare revealed that a nation-state actor breached its internal Atlassian server, gaining access to its wiki and its bug database
Loading more articles....