HACKRead
Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets
Shadow IT involves employees using IT systems without proper security controls, often installing unauthorized software on company computers.
%20(1)%20(1).webp)
Cyber Security News
PoC Exploit Released for Ivanti EPMM MobileIron Core
A newly disclosed vulnerability, identified as CVE-2024-22026, has been found in Ivanti EPMM, formerly known as MobileIron Core.
SecurityWeek
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
Bleeping Computer
Tornado Cash cryptomixer dev gets 64 months for laundering $2 billion
Alexey Pertsev, one of the main developers of the Tornado Cash cryptocurrency tumbler has been sentenced to 64 months in prison for his part in helping launder more than $2 billion worth of cryptocurrency.
.webp)
Cyber Security News
Hackers Abusing to GitHub to Host Malicious Infrastructure
Cybercriminals have been exploiting GitHub, a platform widely trusted by developers, to host malicious infrastructure.
Bleeping Computer
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
HACKRead
Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data
A new Android malware poses as popular applications like WhatsApp, Instagram, and Snapchat to steal user data, including login credentials.
Infosecurity News
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
The Hacker News
Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
12 security flaws addressed, including two critical issues leading to remote code execution. Update to version 1.2.27 now to stay protected
CyberNews
Relief for AWS customers: no charges for unauthorized S3 requests
AWS has released a statement saying that S3 will no longer charge for several HTTP error codes if initiated from outside.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
The Hacker News
Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing
Fake Android apps mimicking popular platforms like Google & WhatsApp are stealing user data.
Security Affairs
Citrix warns customers to update PuTTY version installed on their XenCenter system manually
Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin's private SSH key.
Cyber Security News
CISA Announced Vulnrichment : Project to Enrich CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a new initiative called "Vulnrichment" aimed at enriching Common Vulnerabilities and Exposures (CVE) records with additional metadata to help organizations better prioritize vulnerability remediation efforts.
SecurityWeek
CISA Announces CVE Enrichment Project 'Vulnrichment'
CISA’s Vulnrichment project is adding important information to CVE records to help improve vulnerability management processes.
The Record
With nation-state threats in mind, nearly 70 software firms agree to Secure by Design pledge
CISA Director Jen Easterly said the voluntary pledge by software companies is important because of widespread nation-state hacking campaigns, including the Volt Typhoon operation attributed to China.
Infosecurity News
#RSAC: CISA Launches Vulnrichment Program to Address NVD Challenges
CISA launched a new software vulnerability enrichment program to fill the gap left by NIST’s National Vulnerability Database backlog
DarkReading
Critical Bug Could Open 50K+ Tinyproxy Servers to DoS, RCE
Patch now: CVE-2023-49606 in the open source, small-footprint proxy server can potentially lead to remote code execution.
Bleeping Computer
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw
Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw.
SecurityWeek
RSA Conference 2024 – Announcements Summary (Day 1)
Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
The Hacker News
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
Critical unpatched flaw (CVE-2023-49606) in Tinyproxy could lead to remote code execution. Over 50% of 90K+ exposed hosts are vulnerable.
The Hacker News
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359).
%20(1).webp)
Cyber Security News
PostgreSQL Security Flaws Let Attackers Execute Code
Two vulnerabilities have been identified in pgAdmin of PostgreSQL which were associated with Cross-Site Scripting and Multi-Factor
SC Magazine
RSAC 2024: Google on the promise of large language models and cybersecurity
Taking a sober look at where and how offensive and defensive GenAI is being used to keep security professionals on their toes.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
SecurityWeek
ArcaneDoor Espionage Campaign Targeting Cisco Firewalls Linked to China
An analysis of IoCs suggests that a Chinese threat group may be behind the recent ArcaneDoor espionage campaign targeting Cisco firewalls.
Bleeping Computer
Bitwarden launches new MFA Authenticator app for iOS, Android
Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices.
SecurityWeek
AI Security Startup Apex Emerges From Stealth With Funding From OpenAI CEO
Israeli AI security firm Apex has received $7 million in seed funding for its detection, investigation, and response platform.
SecurityWeek
Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber
Cybersecurity startups Insane Cyber, Resonance Security, RunReveal and StepSecurity announce pre-seed, early-stage, and seed funding rounds.
Security Affairs
Threat actors hacked the Dropbox Sign production environment
Threat actors breached the Dropbox Sign production environment and accessed customer email addresses and hashed passwords
The Cyber Express
Dropbox Reports Breach of Sensitive Authentication Data for its Sign Product
Cloud storage and file sharing company Dropbox disclosed a security breach that resulted in an unauthorized access to sensitive information,
The Hacker News
Dropbox Discloses Breach of Digital Signature Service Affecting All Users
Dropbox Sign Breached! Unidentified hackers accessed user emails, usernames, and account settings for all Dropbox Sign users.
Bleeping Computer
DropBox says hackers stole customer data, auth secrets from eSignature service
Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information.
Cyber Security News
Postman API Testing Platform Flaw Exposes Sensitive Credentials
Live secrets from 183 different SaaS and cloud providers, including giants like AWS, GCP, OpenAI, GitHub, and Postman itself, were found leaking on the platform.
The Record
Dropbox says hacker accessed passwords, authentication info during breach
The company told federal regulators that it discovered unauthorized access to the production environment of its Dropbox Sign product.
Trend Micro
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.
Bleeping Computer
R language flaw allows code execution via RDS/RDX files
A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files.
SecurityWeek
Vulnerability in R Programming Language Could Fuel Supply Chain Attacks
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack.
The Hacker News
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Multiple vulnerabilities have been discovered in the popular Judge0 online code execution system, putting users at risk of complete system compromise.
Cyber Security News
Find Malware With ANY RUN Threat Intelligence YARA Search by File Contents
Within ANY.RUN YARA Search also allows you to write, edit, test, download, and manage your rules seamlessly, using your existing TI Lookup quota for searches.
The DFIR Report
From IcedID to Dagon Locker Ransomware in 29 Days - The DFIR Report
Key Takeaways In August 2023, we observed an intrusion that started with a phishing campaign using PrometheusTDS to distribute IcedID. IcedID dropped and executed a Cobalt Strike beacon, which was … Read More
The Hacker News
Bogus npm Packages Used to Trick Software Developers into Installing Malware
Hackers are disguising Python backdoors as legitimate npm packages to target developers during fake job interviews.
Bleeping Computer
Fake job interviews target developers with new Python backdoor
A new campaign tracked as "Dev Popper" is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT).
Cyber Security News
Microsoft Releases Historical MS-DOS 4.0 Source Code to the Public
Microsoft has made the source code for MS-DOS 4.0 publicly available. This decision marks the accessibility of historical software
Cyber Security News
PoC Exploit Released For Critical Flowmon Vulnerability
A critical vulnerability was addressed by Progress last week which was associated with unauthenticated Command injection on the Progress
DarkReading
Patch Now: CrushFTP Zero-Day Cloud Exploit Targets US Orgs
An exploit for the vulnerability allows attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.
DarkReading
Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments
An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.
Bleeping Computer
Hackers hijack antivirus updates to drop GuptiMiner malware
North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware.
HACKRead
GitHub Comments Abused to Spread Malware in Fake Microsoft Repositories
McAfee cybersecurity researchers have discovered a malicious scheme exploiting GitHub's comment section to spread malware.
SC Magazine
TensorFlow AI models at risk due to Keras API flaw
Arbitrary code in Lambda Layers may be unsafely executed in older versions of Keras.
Bleeping Computer
GitLab affected by GitHub-style CDN flaw allowing malware hosting
BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion.
The Hacker News
Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage
North Korea's state-linked hackers are enhancing their operations with advanced artificial intelligence tools.
The Hacker News
New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
A new variant of the RedLine Stealer malware has been discovered, utilizing Lua bytecode for stealth and effectiveness.
Bleeping Computer
GitHub comments abused to push malware via Microsoft repo URLs
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.
The Hacker News
How Attackers Can Own a Business Without Touching the Endpoint
How attackers are hacking organizations without touching the endpoint by targeting cloud identities.
Cyber Security News
PoC Exploit Released for Cisco IMC Flaw - Urgent Update Advised
Proof of Concept (PoC) exploit has been released for a critical vulnerability in Cisco's Integrated Management Controller (IMC).
Bleeping Computer
Fake cheat lures gamers into spreading infostealer malware
A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too.
Cyber Security News
New Redline Stealer Variant Leverages Lua Bytecode For Stealthiness
Redline Stealer is a powerful information-stealing malware and hackers often exploit this stealthy stealer to gain unauthorized access to a
Cyber Security News
Chrome Security Update: 23 Vulnerabilities Fixed in Latest Release
The latest release, version 124.0.6367.60/.61 for Windows and Mac and version 124.0.6367.60 for Linux, addresses 23 security vulnerabilities.
SecurityWeek
Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks
Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services.
.webp)
Cyber Security News
Hackers Attempted To Takeover JavaScript Project From OpenJS Foundation
Attackers tried to take over the JavaScript project from OpenJS Foundation, which is home to JavaScript projects utilized by billions of
Cyber Security News
LeakyCLI: New Vulnerability Exposes Credentials In AWS, Azure & Google Cloud
Multiple Cloud Service providers like Google Cloud, AWS and Azure have been discovered with a new vulnerability that has been termed as
SecurityWeek
Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities
Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs.
The Hacker News
GenAI: A New Headache for SaaS Security Teams
GenAI isn't just hype—it's a toolbox revolutionizing how we develop software, manage emails, and create content.
Cyber Security News
Critical PHP Vulnerabilities Let Attackers Inject Commands : Patch Now
Multiple vulnerabilities have been identified in PHP that are associated with Command Injection, Cookie Bypass, Account takeover and Denial
CyberNews
Brute force attacks targeting VPNs on the rise, intel warning
A new advisory warns of an uptick in brute force attacks targeting VPNs, SSH services, and other services.
Security Affairs
PuTTY SSH Client flaw allows of private keys recovery
The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys.
Bleeping Computer
Cisco warns of large-scale brute-force attacks against VPN services
Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide.
The Hacker News
OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt
Security researchers uncover a "credible" takeover attempt on the OpenJS Foundation, mirroring a recent incident with XZ Utils.
Bleeping Computer
PuTTY SSH client flaw allows recovery of cryptographic private keys
A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation.
SecurityWeek
Cloud Users Warned of Data Exposure Risk From Command-Line Tools
Cloud security specialists found data exposure risk associated with Azure, AWS, and Google Cloud command-line tools.
The Hacker News
AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs
Popular cloud CLI tools (AWS, Google Cloud, Azure) have a vulnerability ("LeakyCLI") exposing sensitive data in build logs.
HACKRead
OpenSSF Warns of Fake Maintainers Targeting JavaScript Projects
The OpenSSF issued alerts for social engineering takeovers of open-source projects after hackers tried to gain control of an OpenJS-hosted project.
CyberSecurity Dive
Fears rise of social engineering campaign as open source community spots another threat
Federal officials are said to be investigating potential links between the recent XZ Utils campaign and new threat activity against JavaScript project maintainers.
Infosecurity News
Open Source Leaders Warn of XZ Utils-Like Takeover Attempts
Two open source organizations have revealed attempts to socially engineer project takeovers
The Hacker News
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Discover the implications for software developed with tools like GitHub Copilot. Learn more about securing your code against AI vulnerabilities.
CyberSecurity Dive
CISA to big tech: After XZ Utils, open source needs your support
The attempted malicious backdoor may have been part of a wider campaign using social engineering techniques, the open source community warned.
The Record
Researchers stop ‘credible takeover attempt’ similar to XZ Utils backdoor incident
The thwarted social engineering attempts highlight the urgent need to address weaknesses in the management of open source software.
Security Affairs
Crooks manipulate GitHub's search results to distribute malware
Researchers warn threat actors are manipulating GitHub search results to target developers with persistent malware.
HACKRead
Windows Apps Vulnerable to Command Injection via "BatBadBut" Flaw
Critical 'BatBadBut' Flaw in Windows Lets Hackers Inject Commands (Patch Now!)
CSO
Open-source scanner can identify risky Microsoft SCCM configurations
Researcher that helped compile the knowledge base of common misconfigurations in SCCM releases scanner MisconfigurationManager.ps1.
The Hacker News
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
Malicious "test files" linked to the XZ Utils backdoor found in popular Rust crate liblzma-sys, downloaded over 21,000 times.
SecurityWeek
Threat Actors Manipulate GitHub Search to Deliver Malware
Checkmarx warns of a new attack relying on GitHub search manipulation to deliver malicious code.
The Cyber Express
Beware of Active Exploitation: Critical Vulnerabilities in D-Link NAS Devices Exposes 92,000 Devices
An active exploitation of critical vulnerabilities in D-Link Network Attached Storage (NAS) devices has raised concerns for D-Link users exposing
Trend Micro
Importance of Scanning Files on Uploader Applications
Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguards against malicious threats like malware.
CyberScoop
Six-year old bug will likely live forever in Lenovo, Intel products
A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.
CyberScoop
Six-year old bug will likely live forever in Lenovo, Intel products
A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.
Infosecurity News
New Android Espionage Campaign Spotted in India and Pakistan
A new cyber espionage campaign, called ‘eXotic Visit,’ targeted Android users in South Asia via seemingly legitimate messaging apps
The Hacker News
Python's PyPI Reveals Its Secrets
Exposed secrets on GitHub and PyPI are more prevalent than you think. GitGuardian's latest report reveals shocking numbers. Dive into the details here
The Hacker News
Python's PyPI Reveals Its Secrets
Exposed secrets on GitHub and PyPI are more prevalent than you think. GitGuardian's latest report reveals shocking numbers. Dive into the details here
Infosecurity News
Threat Actors Game GitHub Search to Spread Malware
Checkmarx warns of GitHub search result manipulation designed to promote malicious repositories
The Cyber Express
Microsoft Security Lapse Exposed Sensitive Credentials and Internal Resources of Employees
A significant data leak, purportedly affecting tech giant Microsoft, has been uncovered by cybersecurity researchers. The leak allegedly exposed sensitive
Security Affairs
Microsoft fixed two zero-day flaws exploited in malware attacks
Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware
The Hacker News
'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan
Active Android spyware campaign 'eXotic Visit' targeting users in India and Pakistan.
Infosecurity News
Windows: New 'BatBadBut' Rust Vulnerability Given Highest CVSS Score
A flaw in the Rust standard library exposes Windows systems to command injection attacks
The Hacker News
Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware
Hackers are exploiting GitHub's search feature to spread malware. Popular repositories are being cloned and infected.
Bleeping Computer
Malicious Visual Studio projects on GitHub push Keyzetsu malware
Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments.
Bleeping Computer
Critical Rust flaw enables Windows command injection attacks
Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks.
Security Affairs
ScrubCrypt used to drop VenomRAT along with many malicious plugins
Researchers discovered a sophisticated multi-stage attack that leverages ScrubCrypt to drop VenomRAT along with many malicious plugins.
DarkReading
92K D-Link NAS Devices Open to Critical Command-Injection Bug
The company is asking users to retire several network-attached storage (NAS) models to avoid compromise through a publicly available exploit that results in backdooring.
Loading more articles....