Category: Cyware News – Latest Cyber News

The malicious Chrome extension campaign in LATAM involves infecting victims through phishing websites and installing rogue extensions to steal sensitive information. The extensions mimic Google Drive, giving them access to a wide range of user data. This article has been…

Read more →

Chainguard, a supply chain security startup, recently raised $140 million in a Series C funding round led by Redpoint Ventures, Lightspeed Venture Partners, and JVP. It aims to expand globally and strengthen its presence in the U.S. public sector. This…

Read more →

The Office of the National Cyber Director (ONCD) announced Wednesday that former Navy SEAL and National Defense University cyberspace professor Harry Wingo has been selected as its deputy director. This article has been indexed from Cyware News – Latest Cyber…

Read more →

GenAI users face significant security risks related to data, with regulated data making up a large share of sensitive information shared with GenAI applications, posing a threat of costly data breaches. This article has been indexed from Cyware News –…

Read more →

MCG Health has agreed to a settlement of $8.8 million for a data breach lawsuit following a hacking incident in 2020. The lawsuit alleges that it took MCG Health two years to discover and report the data theft affecting around…

Read more →

While purchasing cyber insurance won’t completely prevent data breaches, it does improve the cyber posture as it requires strict underwriting processes. However, only a quarter of companies currently have standalone cyber insurance policies. This article has been indexed from Cyware…

Read more →

GhostWriter, also known as UAC-0057, used PicassoLoader and Cobalt Strike Beacon to infect victims, including local government offices and groups associated with USAID’s Hoverla project. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Least privilege begins by addressing dormant user accounts and then scrutinizing access privileges, using Context-based access control (CBAC), Attribute-based access control (ABAC), and Role-based access control (RBAC) to determine user access. This article has been indexed from Cyware News –…

Read more →

An unidentified threat actor is taking advantage of the recent Falcon Sensor update issues to distribute fake installers via a fraudulent website impersonating a German entity. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Researchers at Wiz have identified an ongoing campaign targeting exposed Selenium Grid services for illicit cryptocurrency mining. The campaign, known as SeleniumGreed, is exploiting older versions of Selenium to run a modified XMRig miner. This article has been indexed from…

Read more →

The US has indicted a North Korean state hacker for ransomware attacks on hospitals and healthcare companies. The hacker, Rim Jong Hyok, is a member of the Andariel Unit within North Korea’s intelligence agency. This article has been indexed from…

Read more →

Process Injection is a vital technique used by attackers to evade detection and escalate privileges. Thread Name-Calling has emerged as a new injection technique that abuses Windows APIs for thread descriptions to bypass endpoint protection products. This article has been…

Read more →

US Senator Richard Blumenthal revealed that Bank of America, JPMorgan Chase, and Wells Fargo only reimbursed 38% of customers for unauthorized payments, resulting in $100 million in fraud losses. This article has been indexed from Cyware News – Latest Cyber…

Read more →

ServiceNow RCE vulnerabilities are being actively exploited to steal credentials. Threat actors are using publicly available exploits to target government agencies and private firms for data theft. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A recent study by Parametrix has found that the global IT outage linked to CrowdStrike will result in at least $5.4 billion in direct financial losses for Fortune 500 companies, excluding Microsoft. This article has been indexed from Cyware News…

Read more →

KnowBe4, a cybersecurity training company, was tricked into hiring a fake IT worker from North Korea, highlighting the threat of insider activities. Despite this, no data breach occurred. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The vulnerability, tracked as CVE-2024-6327, allows attackers to execute code on unpatched servers through deserialization of untrusted data. The issue affects Report Server 2024 Q2 (10.1.24.514) and earlier versions. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The new warning messages help users understand the danger posed by each downloaded file from the Internet. Google has implemented a two-tier download warning system using AI-powered malware verdicts from its Safe Browsing service. This article has been indexed from…

Read more →

The recent developments in SocGholish infection tactics target WordPress-based websites. The attack sequence involves initial access through compromised websites with vulnerable WordPress plugins. This article has been indexed from Cyware News – Latest Cyber News Read the original article: SocGholish:…

Read more →

Email security gaps in gateway defenses have allowed phishing hackers to sneak malware past static scanning functions. Hackers hid malicious attachments by using a decoy file extension in a compressed archive. This article has been indexed from Cyware News –…

Read more →

Patchwork hackers targeted Bhutan using the advanced Brute Ratel C4 tool, along with an updated backdoor called PGoShell. This marks the first time Patchwork has been observed using the red teaming software. This article has been indexed from Cyware News…

Read more →

Mimecast has acquired veteran data security firm Code42, adding 175 employees to its team. Code42, founded in 2001, focuses on expanding its data protection platform, Incydr, with recent enhancements for source code exfiltration detection. This article has been indexed from…

Read more →

North Korean hackers, specifically the Andariel hacking group, are now targeting the healthcare, energy, and financial sectors according to a Mandiant report. This group is believed to be associated with North Korea’s Reconnaissance General Bureau. This article has been indexed…

Read more →

Researchers have uncovered a vulnerability in Google Cloud Platform’s Cloud Functions service called ConfusedFunction. This flaw allows an attacker to escalate their privileges to access other services and sensitive data in an unauthorized manner. This article has been indexed from…

Read more →

The malicious file, disguised as “Recommendation for the award of President’s.docm,” contained a VBA script that executed the CrimsonRAT remote control program, capable of stealing sensitive information. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

According to a Seemplicity survey, AI is speeding up code development faster than security teams can keep up, leading to concerns about vulnerability management. 91% of organizations are increasing their security budgets. This article has been indexed from Cyware News…

Read more →

The 2024 Mid-Year Cyber Threat Report from SonicWall revealed a 30% increase in malware-based threats compared to 2023, with a significant spike in attacks from March to May, including 78,923 new variants observed in the first half of 2024. This…

Read more →

Stargazer Goblin has been distributing various malware families like Atlantida Stealer, Lumma, and Rhadamanthys, since at least August 2022. The threat actor charges users to “star” repositories with fake accounts, increasing their credibility. This article has been indexed from Cyware…

Read more →

BlackMeta, known for targeting organizations in Israel, UAE, and the US, used a cybercrime service called InfraShutdown to target a UAE bank for $500-$625 a week. The attach lasted 100 hours in total. This article has been indexed from Cyware…

Read more →

Vanta’s Series C funding was led by Sequoia Capital. Other participating investors include Growth Equity at Goldman Sachs Alternatives and J.P. Morgan, along with existing partners like Atlassian Ventures and Y Combinator. This article has been indexed from Cyware News…

Read more →

Several major Russian banks were hit by DDoS attacks that disrupted their mobile apps and websites. State-owned VTB and Russian Agricultural Bank confirmed the attacks, with VTB attributing it to a foreign source. This article has been indexed from Cyware…

Read more →

Lakera has raised $20 million in a Series A funding round. Led by European VC Atomico, with participation from Citi Ventures, Dropbox Ventures, and existing investors including redalpine, this investment brings Lakera’s total funding to $30 million. This article has…

Read more →

Infisical is an open-source secret management platform used by developers to centralize application configurations and secrets like API keys and database credentials, as well as manage internal PKI. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The Braodo Stealer, a Vietnamese-based malware, is infiltrating victims’ systems to steal sensitive information like credentials and banking details for identity theft and financial harm. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Okta Browser Plugin versions 6.5.0 through 6.31.0 are vulnerable to cross-site scripting, prompting users to save credentials in Okta Personal. The issue was fixed in version 6.32.0 for Chrome, Edge, Firefox, and Safari. This article has been indexed from Cyware…

Read more →

Researchers identified two vulnerabilities in LangChain, an open-source generative AI framework with over 81,000 stars on GitHub: CVE-2023-46229 and CVE-2023-44467 (LangChain Experimental). This article has been indexed from Cyware News – Latest Cyber News Read the original article: Two Vulnerabilities…

Read more →

Protexxa, a Toronto-based B2B SaaS cybersecurity company founded by Claudette McGowan, has secured $10 million in Series A funding from various investors including Bell Ventures and private investors like Sonia Baxendale and Annette Verschuren. This article has been indexed from…

Read more →

The Philippines has decided to shut down its online gambling industry to tackle illegal activities such as financial scams and human trafficking. President Ferdinand Marcos Jr instructed PAGCOR to cease operations of POGOs by the end of the year. This…

Read more →

Threat actors are targeting Hamster Kombat’s 250 million players with fake Android and Windows software that install spyware and malware. The clicker mobile game allows players to earn fictional currency by completing simple tasks. This article has been indexed from…

Read more →

dYdX’s decentralized finance (DeFi) exchange v3 website was hacked in a DNS hijack attack, compromising the platform. Users were warned not to visit or interact with the hacked website and to avoid withdrawing assets until the platform was safe. This…

Read more →

The Department of Health and Human Services is facing cloud security issues, with weaknesses in security controls and inventories of cloud systems. Over 30% of their systems are in the cloud, putting them at risk of compromise. This article has…

Read more →

The Daolpu malware collects account credentials, browser history, and cookies from Chrome, Edge, Firefox, and other browsers. It is spread through malicious document attachments in phishing emails that contain malicious macros. This article has been indexed from Cyware News –…

Read more →

The new Macma macOS backdoor is capable of data exfiltration through functionalities like device fingerprinting, keylogging, audio capture, and file uploading and downloading. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Chinese…

Read more →

Alphabet’s planned $23 billion acquisition of cybersecurity firm Wiz has fallen through, leading Wiz to pursue its own path toward an IPO and aiming for $1 billion in annual recurring revenue (ARR). This article has been indexed from Cyware News…

Read more →

RMM tools have become essential in managing remote devices, but they also pose risks if exploited by threat actors. Attackers can gain remote access to devices, exfiltrate data, and remain undetected. This article has been indexed from Cyware News –…

Read more →

A security flaw in Microsoft Defender SmartScreen was exploited to deliver ACR, Lumma, and Meduza stealers in a recent campaign. The campaign targeted Spain, Thailand, and the U.S. by using booby-trapped files exploiting CVE-2024-21412. This article has been indexed from…

Read more →

APT28-linked hackers have targeted Ukraine’s scientific institutions in a cyber-espionage campaign, believed to have ties to the Kremlin-backed group APT28, also known as Fancy Bear and BlueDelta. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Infoblox revealed a Chinese cybercrime syndicate called Vigorish Viper behind illegal online gambling brands advertised at European football stadiums. The group is linked to online gambling and cyber fraud-related human trafficking in Southeast Asia. This article has been indexed from…

Read more →

Google has decided to continue supporting third-party cookies, instead proposing a new approach that allows users to opt-in to their Privacy Sandbox. This comes after criticism and regulatory pressure over privacy concerns and competition issues. This article has been indexed…

Read more →

Verizon Communications has agreed to pay a $16 million settlement to the FCC for three data breaches at TracFone Wireless, a subsidiary acquired in 2021. TracFone provides services under brands like Total by Verizon Wireless and Straight Talk. This article…

Read more →

The leak comes from a backup allegedly sold by Conor Fitzpatrick, also known as Pompompurin. Following the seizure of RaidForums in 2022, Fitzpatrick launched BreachForums v1, which was later seized by the FBI and linked to his arrest. This article…

Read more →

Spanish police authorities have arrested three suspects connected to the pro-Russian hacker group NoName057(16), known for conducting DDoS attacks against Ukraine and its allies. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Channels with millions of subscribers, including Times of Ukraine and Real Kyiv, were affected by the hack. Ukrainian broadcaster Suspilne stated that 270 Ukrainian channels were compromised, with hackers spreading false narratives and propaganda. This article has been indexed from…

Read more →

FrostyGoop can disrupt industrial processes by altering values on ICS devices. The malware exploited the Modbus protocol to directly affect industrial control systems, posing a significant threat to OT environments globally. This article has been indexed from Cyware News –…

Read more →

A recent report from Europol indicates that the disruption of ransomware-as-a-service (RaaS) groups is causing a fragmentation of the threat landscape, complicating tracking efforts. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

ESET researchers discovered a zero-day exploit targeting Telegram for Android, called EvilVideo. This exploit allowed attackers to send malicious Android payloads disguised as video files in unpatched versions of Telegram. This article has been indexed from Cyware News – Latest…

Read more →

The National Crime Agency (NCA) in the United Kingdom has successfully infiltrated a DDoS-for-hire service known as DigitalStress. The suspected controller of the site was arrested in Northern Ireland earlier this month. This article has been indexed from Cyware News…

Read more →

Bitdefender researchers found suspicious Facebook ads promoting fake beta versions for free download on PC. These ads promise early access to a non-existent GTA VI beta with attractive features and release dates, using stolen gameplay footage. This article has been…

Read more →

Two Russian nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in a federal court in Newark for their roles in the LockBit ransomware operation. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

A 17-year-old boy from Walsall has been arrested by UK police for his involvement in the 2023 MGM Resorts ransomware attack, connected to the Scattered Spider hacking group. The arrest was made with assistance from the NCA and the FBI.…

Read more →

Attackers recently abused the swap file in a Magento e-commerce site to steal credit card information. Despite multiple cleanup attempts, the malware persisted until analysts discovered it. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The U.S. sanctioned two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for carrying out cyber operations against critical U.S. infrastructure. CARR has launched low-impact DDoS attacks in Ukraine and its allies since 2022. This article…

Read more →

While containers offer efficiency, they are vulnerable to attacks exploiting misconfigurations. Attackers can execute code or escalate privileges, endangering organizational security. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Analyzing Container Escape…

Read more →

Malicious campaigns have emerged, including one targeting BBVA bank customers with a fake CrowdStrike Hotfix that installs remote access tools. Another attack involves a data wiper distributed under the guise of a CrowdStrike update. This article has been indexed from…

Read more →

The U.S. cybersecurity agency CISA warned against clicking on suspicious links to prevent email compromise. Cybercriminals are already impersonating CrowdStrike in phishing emails, asking for payment to “fix the CrowdStrike apocalypse.” This article has been indexed from Cyware News –…

Read more →

Beijing has claimed that the Volt Typhoon attack gang, accused by Five Eyes nations of being a Beijing-backed threat to critical infrastructure, was actually fabricated by the US intelligence community. This article has been indexed from Cyware News – Latest…

Read more →

The Play ransomware group has introduced a Linux variant that targets ESXi environments. This variant verifies its environment before executing and has been successful in evading security measures. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The attacks, linked to a group called OilAlpha, involved malicious mobile apps and targeted CARE International, Norwegian Refugee Council (NRC), and Saudi Arabian King Salman Humanitarian Aid and Relief Centre. This article has been indexed from Cyware News – Latest…

Read more →

Indian crypto exchange WazirX disclosed a loss of virtual assets worth more than $230 million due to a cyber attack linked to North Korea. The attack targeted a multi-signature wallet with six signatories, leading to a breach in security measures.…

Read more →

According to Crunchbase data, cybersecurity funding reached a two-year high in Q2 of 2024, with venture capitalists investing $4.4 billion in startups, the strongest quarter since 2022. This marked a 144% increase from the previous year. This article has been…

Read more →

Operation Spincaster, involving law enforcement and government agencies across six countries, as well as 17 cryptocurrency exchanges, has identified 7,000 leads and $162 million in losses. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

This new class of HTTP Request Smuggling vulnerabilities poses a significant risk to thousands of websites, including those protected by Google’s Load Balancer and Identity-Aware Proxy (IAP). This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A critical vulnerability (CVE-2024-36991) in Splunk Enterprise on Windows is considered more severe than initially thought, allowing attackers to grab passwords. Various proof-of-concept exploits have been published. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Targets of TAG-100’s attacks include intergovernmental and diplomatic entities in the Asia-Pacific region, religious organizations in the U.S. and Taiwan, as well as a political party supporting an investigation into the Chinese government. This article has been indexed from Cyware…

Read more →

Most of the SEC civil fraud case against SolarWinds was dismissed by a U.S. District Court judge, but key allegations related to misleading investors about cybersecurity practices leading up to the 2020 Sunburst hack remain. This article has been indexed…

Read more →

Grype is an open-source vulnerability scanner for container images and filesystems that works with Syft to detect vulnerabilities in major operating system and language-specific packages like Alpine, Debian, Ruby, Java, Python, and more. This article has been indexed from Cyware…

Read more →

The Revolver Rabbit cybercriminal gang has registered over 500,000 domain names for infostealer campaigns targeting Windows and macOS systems. They utilize registered domain generation algorithms (RDGAs) to rapidly register multiple domains at once. This article has been indexed from Cyware…

Read more →

The Cybersecurity and Infrastructure Security Agency (CISA) has appointed new leaders to its cybersecurity division and stakeholder engagement role to enhance national cyber defenses and foster collaboration between the public and private sectors. This article has been indexed from Cyware…

Read more →

This new capability combines DNS-based Authentication of Named Entities (DANE) for SMTP and Domain Name System Security Extensions (DNSSEC) to protect against downgrade and man-in-the-middle attacks. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

By configuring multiple RDP sessions with RDPWrapper and using Tailscale for secure network connections, attackers can maintain access and exfiltrate sensitive data discreetly. This article has been indexed from Cyware News – Latest Cyber News Read the original article: New…

Read more →

As per the Cyware survey, 91% of respondents recognize the significance of collaboration in cybersecurity, but many struggle to effectively combine insights across teams and platforms. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Cyberattacks on Israeli organizations have more than doubled since the October 7 terrorist attack, with politically-motivated groups like hackers affiliated with Iran and Hezbollah, along with hacktivists, being the main drivers behind these attacks. This article has been indexed from…

Read more →

Cisco has addressed a critical vulnerability that allows attackers to add new users with root privileges and crash Security Email Gateway (SEG) appliances by sending emails with malicious attachments. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The vulnerabilities (CVE-2024-23469, CVE-2024-23466, CVE-2024-23467, CVE-2024-28074, CVE-2024-23471, and CVE-2024-23470) were all rated with severity scores of 9.6/10 and posed risks of unauthorized actions and information disclosure. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

A recent poll of tech managers from CrowdStrike’s 2024 State of Application Security Report revealed that cybersecurity workers only review major updates to software applications 54% of the time. This article has been indexed from Cyware News – Latest Cyber…

Read more →

UnitedHealth is expected to spend over $2.3 billion this year to recover from a cyberattack on its subsidiary Change Healthcare, which is significantly higher than initial estimates. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

SubSnipe is an open-source tool designed to identify vulnerable subdomains at risk of takeover. Created by Florian Walter, the tool offers improved accuracy and efficiency compared to other similar tools by conducting additional verification steps. This article has been indexed…

Read more →

Security firm Sygnia revealed that GhostEmperor recently compromised a network, using it as a launchpad to access another victim’s systems. This marks the first public report on the group since it was identified by Kaspersky Lab in 2021. This article…

Read more →

According to Sophos, ransomware attacks on critical national infrastructure (CNI) organizations have seen a significant increase in costs over the past year, with the median ransom payments reaching $2.54 million. This article has been indexed from Cyware News – Latest…

Read more →

Despite the limited scope of the bill, it aims to protect digital services and supply chains from cyberattacks. The legislation will also empower regulators to ensure critical infrastructure companies implement essential cyber safety measures. This article has been indexed from…

Read more →

Russia-linked cybercriminal group FIN7 sells its security evasion tool, AvNeutralizer, to other criminal gangs on darknet forums. The tool helps hackers bypass threat detection systems on victims’ devices. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Tracked as CVE-2024-20419, the flaw enables remote attackers to set new passwords without authentication. Admins are advised to upgrade to the fixed release to protect vulnerable servers, as there are no workarounds available. This article has been indexed from Cyware…

Read more →

Credential mismanagement was the leading cause of cloud-based attacks in the first half of 2024, according to a Google Cloud report. Weak credentials and misconfigurations were responsible for 75% of network intrusions during this period. This article has been indexed…

Read more →

A report by Legit Security highlights concerns around the security posture of the GitHub Actions marketplace, with most custom Actions lacking verification and being maintained by one developer. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

According to a new report by JumpCloud, About 49% of SME IT teams feel they lack resources to defend against cyber-threats, with layoffs affecting nearly half of them. 71% believe budget cuts would increase risk. This article has been indexed…

Read more →

The 9002 RAT malware, used in Operation Aurora in 2009, is a versatile trojan that can monitor network traffic, capture screenshots, and execute commands from a remote server. The malware is constantly updated with new variants to avoid detection. This…

Read more →

A recent report reveals that private sector stakeholders in the marine transportation system are hesitating to utilize critical cybersecurity services offered by the U.S. Coast Guard. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Scattered Spider, a notorious cybercrime group, has added ransomware strains RansomHub and Qilin to its arsenal, as revealed by Microsoft. They are known for sophisticated social engineering tactics to breach targets and steal data. This article has been indexed from…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) issued a directive to federal agencies to fix a critical vulnerability in GeoServer, a popular open-source server, that is actively being exploited. This article has been indexed from Cyware News – Latest…

Read more →

By exploiting this flaw, attackers could bypass critical authentication checks, manipulating JSON-encoded POST data to elevate their privileges and effectively log in as site administrators. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →