CSO
US AI experts targeted in cyberespionage campaign using SugarGh0st RAT
Threat actors use phishing techniques to obtain non-public information about generative artificial intelligence.
Ars Technica
Arizona woman accused of helping North Koreans get remote IT jobs at 300 companies
Alleged $6.8M conspiracy involved "laptop farm," identity theft, and résumé coaching.
The Hacker News
North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign
Kimsuky hackers launch new social engineering attack using fake Facebook accounts. Learn how they target activists via Messenger and deliver malware.
CSO
BreachForums seized by law enforcement, admin Baphomet arrested
Official telegram channels operated by BreachForums members confirm law enforcement seizures and arrest.
%20(1).webp)
Cyber Security News
Earth Hundun Hacker Group Employs Advanced Tactics to Evade Detection
Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear, first encountered Deuterbear.
Infosecurity News
BreachForums Hacking Marketplace Taken Down Again
The FBI claims to have seized the domain and servers of hacking forum BreachForums
Trend Micro
Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024
This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.
Ars Technica
BreachForums, an online bazaar for stolen data, seized by FBI
An earlier iteration of the site was taken down last year; now its reincarnation is gone.
Ars Technica
SSH backdoor has infected 400,000 Linux servers over 15 years and keeps on spreading
Ebury backdoors SSH servers in hosting providers, giving the malware extraordinary reach.
Bleeping Computer
FBI seize BreachForums hacking forum used to leak stolen data
The FBI has seized the notorious BreachForums hacking forum used to leak and sell stolen corporate data to other cybercriminals.
SecurityWeek
Threat Actors Abuse GitHub to Distribute Multiple Information Stealers
Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software.
SC Magazine
BreachForums seized by FBI for 2nd time
The infamous data leak site’s domain and Telegram account were seized Wednesday morning.
Bleeping Computer
Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws
Today is Microsoft's May 2024 Patch Tuesday, which includes security updates for 61 flaws and three actively exploited or publicly disclosed zero days.
Infosecurity News
China Presents Defining Challenge to Global Cybersecurity, Says GCHQ
GCHQ chief warns China's cyber actions threaten global internet security, while Russia and Iran pose immediate risks
Infosecurity News
Russian Actors Weaponize Legitimate Services in Multi-Malware Attack
Recorded Future details a novel campaign that abuses legitimate internet services to deploy multiple malware variants for credential theft
HACKRead
DNS Tunneling Used for Stealthy Scans and Email Tracking
DNS tunneling is being used to bypass security filters by hiding malicious traffic in DNS packets, allowing hackers to steal stolen data.
DarkReading
DNS Tunneling Abuse Expands to Tracking & Scanning Victims
Several campaigns are leveraging the evasive tactic to provide useful insights into victims' online activities, and find new ways to compromise organizations.
SecurityWeek
Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks
Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures.
Latest Hacking News
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Torrance, California, May 13th, 2024, CyberNewsWireCriminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has recently signed a technology partnership to exchange threat intelligence data based on domains and potentially
Security Affairs
Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware
Experts reported that since April, the Phorpiex botnet sent millions of phishing emails to spread LockBit Black ransomware
CSO
Equipped with AI tools, hackers make apps riskier than ever
The odds of attacks are growing as attackers can now easily access code modification and reverse engineering tools.
Ars Technica
Black Basta ransomware group is imperiling critical infrastructure, groups warn
Threat group has targeted 500 organizations. One is currently struggling to cope.
Bleeping Computer
Botnet sent millions of emails in LockBit Black ransomware campaign
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign.
Bleeping Computer
Hackers use DNS tunneling for network scanning, tracking victims
Threat actors are using Domain Name System (DNS) tunneling to track when their targets open phishing emails and click on malicious links, and to scan networks for potential vulnerabilities.
HACKRead
Police Accessed Proton Mail User Data in Terrorism Probe
Encrypted email services like ProtonMail and Wire promise privacy, but can they guarantee anonymity? A recent case in Spain has users questioning the limitations of encryption when law enforcement steps in.
Infosecurity News
Mallox Ransomware Deployed Via MS-SQL Honeypot Attack
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches
%20(1).webp)
Cyber Security News
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
"Our partnership with Quad9 is a recognition of the accuracy of Criminal IP's data," stated Byungtak Kang, CEO of AI SPERA.
Bleeping Computer
Criminal IP Teams with Quad9 for Advanced Threat Intelligence Sharing
The Criminal IP Threat Intelligence (CTI) search engine to integrate with Quad9's threat-blocking service. Learn more from Criminal IP about how this integration can help you.
HACKRead
Criminal IP and Quad9 Collaborate to Exchange Domain and IP Threat Intelligence
Torrance, California, May 13th, 2024, CyberNewsWire
The Cyber Express
CBSE Results 2024 Under Threat: Database Vulnerability Could Compromise Student Scores
As the Central Board of Secondary Education (CBSE) in India released the CBSE results 2024 for its class 10th and
.jpg?height=635&t=1713982088&width=1200)
Security Magazine
FTC orders Cerebral to restrict how consumer data can be shared
The Federal Trade Commission (FTC) has ordered Cerebral, Inc. to restrict how the company can use and/or disclose sensitive consumer data.
Security Affairs
Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
Bleeping Computer
The Post Millennial hack leaked data impacting 26 million people
Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website.
Security Affairs
Russia-linked APT28 targets government Polish institutions
CERT Polska warns of a large-scale malware campaign against Polish government institutions conducted by Russia-linked APT28.
Cyber Security News
New 'TunnelVision' Technique Allows Hackers to Bypass VPN Encryption
Security researchers have uncovered a new technique called "TunnelVision" that exposes a fundamental flaw in routing-based Virtual Private Networks (VPNs),
.webp)
Cyber Security News
New Malware Attacking Windows & MS Office Users
A sophisticated malware campaign has been identified, specifically targeting Windows and Microsoft Office users through cracked software.
Cyber Security News
New F5 Next-Gen Manager Flaw Let Attackers Take Full Admin Control
F5 Big IP has been discovered with two critical vulnerabilities that could potentially allow a threat actor to take full administrative
CyberNews
Claimed by hackers, Zscaler says there’s no impact or compromise
Cloud security company Zscaler is continuing an investigation into an alleged breach.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
The Record
As EU referendum looms, Moldova finds itself in Russian digital army’s crosshairs
The Kremlin’s "hybrid war" on Moldova — featuring disinformation, cyberattacks and influence operations — aims to manipulate three consequential votes in Moldova this year and next.
Bleeping Computer
Poland says Russian military hackers target its govt networks
Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week.
DarkReading
2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts
F5 customers should patch immediately, though even that won't protect them from every problem with their networked devices.
Bleeping Computer
AT&T delays Microsoft 365 email delivery due to spam wave
AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service.
The Hacker News
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
DarkReading
Vast Network of Fake Web Shops Defrauds 850,000 & Counting
China-based cybercriminal group "BogusBazaar" created tens of thousands of fraudulent online stores based on expired domains to steal payment credentials.
The Cyber Express
Cybersecurity Alert: F5’s Next Central Manager Under Attack by Remote Exploits
Security researchers have revealed new critical vulnerabilities in F5’s Next Central Manager, posing severe risks to organizational cybersecurity. These Next
SecurityWeek
BetterHelp Customers Begin Receiving Refund Notices From $7.8M Data Privacy Settlement, FTC Says
BetterHelp customers have started receiving refund notices from a $7.8 million data privacy settlement, the FTC says.
The Hacker News
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery
Ivanti Connect Secure (ICS) devices are under attack! Two critical vulnerabilities are being exploited to deploy the notorious Mirai botnet.
SecurityWeek
F5 Patches Dangerous Vulnerabilities in BIG-IP Next Central Manager
F5 has patched two potentially serious vulnerabilities in BIG-IP Next that could allow an attacker to take full control of a device.
Infosecurity News
Fake Online Stores Scam Over 850,000 Shoppers
Researchers discover 75,000+ domains hosting fraudulent e-commerce sites, in a campaign dubbed BogusBazaar
Security Affairs
Experts warn of BIG-IP Next Central Manager flaws that allow device takeover
Two high-severity vulnerabilities in BIG-IP Next Central Manager can be exploited to gain admin control and create hidden accounts on any managed assets.
The Hacker News
Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover
Two critical vulnerabilities have been discovered in F5 Next Central Manager that could grant attackers full admin control.
CSO
F5 patches BIG-IP Next Central Manager flaws that could lead to device takeover
Two high-risk vulnerabilities could be exploited to allow attackers to gain full administrative control on devices via leaked password hashes.
The Record
Poland says it was targeted by Russian military intelligence hackers
A phishing campaign against Polish institutions was the work of Russia’s military intelligence agency, the GRU, according to CERT-PL.
SC Magazine
RSAC 2024: Top cyber insurance trends, traps and advice
A panel of experts unpack the art of cyber insurance here at RSA Conference and share what's new in coverage and claims.
The Record
Cyberthreat landscape permanently altered by Chinese operations, US officials say
The wide-ranging hacking campaign by the state-backed group Volt Typhoon is seen as a prelude of what's to come.
Ars Technica
Critical vulnerabilities in BIG-IP appliances leave big networks open to intrusion
Hackers can exploit them to gain full administrative control of internal devices.
Bleeping Computer
New BIG-IP Next Central Manager bugs allow device takeover
F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, which can be exploited to gain admin control and create rogue accounts on any managed assets.
Security Affairs
New TunnelVision technique can bypass the VPN encapsulation
TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation.
HACKRead
LiteSpeed Cache Plugin XSS Vulnerability Affects 1.8M WordPress Sites
WordPress websites are under attack with a surge of malicious JavaScript being injected using vulnerable versions of the LiteSpeed Cache plugin.
SecurityWeek
New 'TunnelVision' Technique Leaks Traffic From Any VPN System
A new technique named TunnelVision allows attackers to bypass the VPN and redirect traffic through the local network.
Security Affairs
LiteSpeed Cache WordPress plugin actively exploited in the wild
Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites
The Hacker News
The Fundamentals of Cloud Security Stress Testing
The cloud promises agility, but opens a Pandora's box of cyber risks if not secured properly. Understand your responsibility under the shared responsi
Cyber Security News
Hackers Exploit Litespeed Plugin Flaw To Create Rogue Admin Accounts
WordPress plugins make WordPress more useful, but most of these have flaws that hackers may try to take advantage of to get unauthorized
The Cyber Express
Attackers Leverage TunnelVision Vulnerability to Expose User Data
A new VPN vulnerability has emerged on the internet, compromising the very essence of online privacy and data protection. The
SC Magazine
‘TunnelVision’ DHCP flaw lets attackers bypass VPNs, redirect traffic
Security pros warn that this flaw could affect just about every IP-routing based VPN.
SC Magazine
RSAC 2024: Securing ‘fragmented’ identities in the cloud age
Zero trust, access certification campaigns and regular AD risk assessments are more critical than ever.
Bleeping Computer
Hackers exploit LiteSpeed Cache flaw to create WordPress admins
Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.
Bleeping Computer
Save $137 on three years of online privacy with Windscribe Pro VPN
We need to stay connected in our lives, but that shouldn't require taking risks with our privacy. Guard your data with three years of the Windscribe VPN Pro Plan for $69.97, $137 off the $207 MSRP now through May 12th.
Bleeping Computer
BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement
BetterHelp has agreed to pay $7.8 million in a settlement agreement with the U.S. Federal Trade Commission (FTC) over allegations of misusing and sharing consumer health data for advertising purposes.
SecurityWeek
Niobium Raises $5.5M for Zero Trust Computing Hardware Acceleration
Niobium raises $5.5 million in seed funding for a fully homomorphic encryption (FHE) hardware accelerator designed for zero trust computing.
Security Affairs
MITRE attributes the recent attack to China-linked UNC5221
MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence.
Cyber Security News
Beware! 150+ SSH Accounts With Root Access Advertised On Hacker Forums
In a concerning development for cybersecurity, over 150 SSH accounts with root access are currently being advertised for sale on various
Ars Technica
Novel attack against virtually all VPN apps neuters their entire purpose
TunnelVision vulnerability has existed since 2002 and may already be known to attackers.
SecurityWeek
Synopsys Sells Software Integrity Business in $2.1 Billion Deal
Synopsys is selling its Software Integrity Group to private equity firms Clearlake Capital and Francisco Partners in a $2.1 billion deal.
The Hacker News
China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices
New findings suggest the ArcaneDoor cyber espionage campaign targeting network devices from Cisco (CVE-2024-20353, CVE-2024-20359).
Cyber Security News
10 Best Active Directory Management Tools 2024
Best Active Directory Management Tools: 1. Microsoft AD Explorer 2. SolarWinds Permissions Analyzer 3. Netwrix 4.ManageEngine ADAudit Plus.
The Hacker News
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs
A new malware called "Cuckoo" is on the loose, targeting both Intel and ARM-based Macs.
The Cyber Express
The Era of Web DDoS Tsunamis and Strategies for Defense
By Eyal Arazi, senior security solutions lead for Radware The cybersecurity landscape evolved rapidly in 2023. In particular, there was
Krebs on Security
Why Your VPN May Not Be As Secure As It Claims
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers…
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly news summary keeps you up to date with what’s happening in cybersecurity, including developments, vulnerabilities, breaches, threats, and defensive strategies. Knowing about new cyber risks and attack vectors helps you put up safeguards and preventive measures as soon as possible to protect your systems. Remaining constantly aware gives you a holistic view of […]
Ars Technica
Microsoft plans to lock down Windows DNS like never before. Here’s how.
ZTDNS brings the best of both worlds to DNS: encryption and fine-grained control.
Bleeping Computer
Android bug can leak DNS traffic with VPN kill switch enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option.
Bleeping Computer
Android bug leaks DNS queries even when VPN kill switch is enabled
A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option.
Security Affairs
Russia-linked APT28 and crooks are still using the Moobot botnet
The Ubiquiti EdgeRouter botnet is still used by Russia-linked group APT28 and cybercriminals organizations.
Cyber Security News
ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data
A directory traversal vulnerability (CVE-2024-23334) was identified in aiohttp versions before 3.9.2, allowing remote attackers to
SecurityWeek
Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
SecurityWeek
ArcaneDoor Espionage Campaign Targeting Cisco Firewalls Linked to China
An analysis of IoCs suggests that a Chinese threat group may be behind the recent ArcaneDoor espionage campaign targeting Cisco firewalls.
DarkReading
DPRK's Kimsuky APT Abuses Weak DMARC Policies, Feds Warn
Organizations can go a long way toward preventing spoofing attacks by changing one basic parameter in their DNS settings.
DarkReading
Hacker Sentenced After Years of Extorting Psychotherapy Patients
Two years after a warrant went out for his arrest, Aleksanteri Kivimäki finally has been found guilty of thousands of counts of aggravated attempted blackmail, among other charges.
Ars Technica
Maximum-severity GitLab flaw allowing account hijacking under active exploitation
The threat is potentially grave because it could be used in supply chain attacks.
DarkReading
Tech Tip: Why Haven't You Set Up DMARC Yet?
DMARC adoption is more important than ever following Google's and Yahoo's latest mandates for large email senders. This Tech Tip outlines what needs to be done to enable DMARC on your domain.
Infosecurity News
US and UK Warn of Disruptive Russian OT Attacks
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors
.webp)
Cyber Security News
Beware! Threat Actors Selling RDP Access on Hacker Forums
Cybersecurity communities are on high alert as threat actors have begun selling RDP access on various underground hacker forums.
The Hacker News
New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials
Attention SOHO router users! A new malware called Cuttlefish is on the prowl, stealthily monitoring your traffic and stealing authentication data.
Ars Technica
Hacker free-for-all fights for control of home and office routers everywhere
How and why nation-state hackers and cybercriminals coexist in the same router botnet.
Security Affairs
Cuttlefish targets enterprise-grade SOHO routers
Cuttlefish malware targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data.
DarkReading
'Cuttlefish' Zero-Click Malware Steals Private Cloud Data
The newly discovered malware, which has so far mainly targeted Turkish telcos and has links to HiatusRat, infects routers and performs DNS and HTTP hijacking attacks on connections to private IP addresses
HACKRead
Muddling Meerkat Group Suspected of Espionage via Great Firewall of China
Uncover the "Muddling Meerkat," a China-linked threat actor manipulating the DNS. Infoblox research reveals a sophisticated group with deep DNS expertise and potential ties to the Great Firewall. Learn their tactics and how to stay protected.
Loading more articles....