The clinic said the hackers had access to personal data between May 4 and May 7, stealing information including Social Security numbers, passport numbers, financial account numbers with CVV numbers and expiration dates. This article has been indexed from Cyware…
Category: Cyware News – Latest Cyber News
Evil Corp hit with new sanctions, BitPaymer ransomware charges
The Evil Corp cybercrime syndicate has been hit with new sanctions by the United States, United Kingdom, and Australia. The US also indicted one of its members for conducting BitPaymer ransomware attacks.
Crook made millions by breaking into execs’ Office365 inboxes, feds say
Federal prosecutors have charged a man for an alleged “hack-to-trade” scheme that earned him millions of dollars by breaking into the Office365 accounts of executives at publicly traded companies.
Zimbra RCE Vuln Under Attack Needs Immediate Patching
Attackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected organizations to patch vulnerable instances right away.
Cyble Researchers Uncover Sophisticated Attack Using VSCode for Remote Access
Cyble researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses VSCode to establish persistence and remote access – and installs the VSCode CLI if VSCode isn’t found on the victim machine.
Iran-linked Threat Group Handala Actively Targets Israel
Handala’s most serious claims are unverified, but the Iranian threat group’s actions have led to numerous account suspensions and website shutdowns due to its persistent activities.
PLANET Technology Switches Face Multiple Vulnerabilities, Urgent Firmware Updates Advised
The Taiwan Computer Emergency Response Team (TWCERT/CC) has released a series of security advisories highlighting critical vulnerabilities affecting various PLANET Technology switch models.
Cloud Security Firm Apono Raises $15.5 Million to Expand AI-Powered Access Management
This latest investment, led by New Era Capital Partners, brings Apono’s total funding to $20.5 million, positioning the company to lead the identity security market with its innovative AI-driven product.
Authorities Warn of Growing Iranian Spear Phishing Threat Against Journalists and Diplomats
The UK and US issued a joint warning about the increasing Iranian spear phishing threat, attributing it to Iran’s Islamic Revolutionary Guard Corps targeting individuals in Iranian and Middle Eastern affairs, as well as US political campaigns.
Logpoint Strengthens SIEM by Acquiring Muninn AI-Powered NDR
Logpoint, a SIEM company based in Copenhagen, acquired Muninn, an AI-powered NDR startup, to enhance threat detection capabilities. Muninn’s AI technology is designed to detect complex attacks in environments where traditional methods fall short.
KartLANPwn Flaw Exploits Mario Kart 8 Deluxe LAN Play Feature for RCE
The KartLANPwn vulnerability (CVE-2024-45200) targets Mario Kart 8 Deluxe’s LAN Play feature, potentially allowing hackers to execute remote code on players’ game consoles.
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog
The CISA has alerted to four newly exploited vulnerabilities in its KEV catalog. The vulnerabilities include critical flaws in D-Link and DrayTek Vigor routers, Motion Spell GPAC, and SAP Commerce Cloud.
JPCERT Shares Windows Event Log Tips to Detect Ransomware Attacks
The investigation strategy shared by JPCERT/CC covers Application, Security, System, and Setup logs, which can reveal traces left by ransomware attacks and help identify the attack vector.
Researcher Details RCE Flaw (CVE-2024-36435) in Supermicro BMC IPMI Firmware
A critical vulnerability, CVE-2024-36435, has been found in several Supermicro enterprise products, allowing unauthenticated attackers to exploit a buffer overflow in the Baseboard Management Controller (BMC) firmware, leading to RCE.
Malicious Actors Use Infected PyPI Packages to Target Roblox Da Hood Game Cheaters
Platforms like GitHub, Discord, and YouTube are used to distribute compromised game cheats, which contain malware such as Skuld Stealer and Blank Grabber, known for stealing sensitive information.
Phishing Attacks on Australia Disguised as Atlassian
Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details.
DragonForce Ransomware Expands RaaS, Targets Firms Worldwide
The DragonForce group utilizes dual ransomware variants, including one based on LockBit 3.0 and another on ContiV3, to target industries like manufacturing, real estate, and transportation.
PoC Exploit Shows Local Privilege Escalation Risk in Linux
Researchers disclosed a critical privilege escalation vulnerability, CVE-2024-26808, in the Linux kernel affecting versions from v5.9 to v6.6. The flaw is in the Netfilter component, allowing root access by manipulating memory allocation.
Critical XSS Flaw Discovered in Filament Necessitates Urgent Update for Laravel Developers
A critical XSS flaw (CVE-2024-47186) has been found in Filament, a popular Laravel development tool. The vulnerability affects versions 3.0.0 to 3.2.114, putting at risk applications that render unvalidated ColorColumn or ColorEntry values.
Multiple Vulnerabilities Discovered in PHP, Prompting Urgent Security Updates
Key vulnerabilities include log manipulation in PHP-FPM (CVE-2024-9026), bypassing redirect configurations (CVE-2024-8927), CGI parameter injection vulnerability (CVE-2024-8926), and erroneous parsing of multipart form data (CVE-2024-8925).
Storm-0501 Expands Ransomware Attacks to Hybrid Cloud Environments
Microsoft has detected Storm-0501 using Cobalt Strike for lateral movement across networks and deploying Embargo ransomware on victim organizations in hybrid cloud setups.
Critical WatchGuard Vulnerabilities Discovered: CVE-2024-6592 and CVE-2024-6593
Two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, have been found in WatchGuard’s Authentication Gateway and Single Sign-On Client software by cybersecurity firm RedTeam Pentesting GmbH.
DCRat Targets Users with HTML Smuggling
A new HTML smuggling campaign is targeting Russian-speaking users, distributing DCRat malware. This marks the first time the malware has been deployed using this method, unlike common delivery methods like compromised sites or phishing emails.
Unpatched SQLi Flaw in TI WooCommerce Wishlist Threatens 100,000+ Sites
A critical security flaw, CVE-2024-43917, with a CVSS score of 9.3, has been found in the popular WordPress plugin TI WooCommerce Wishlist, putting over 100,000 sites at risk of SQL injection attacks.
Critical RCE Vulnerability Found in OpenPLC
The most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks.
BBTok Targeting Brazil Using the AppDomain Manager Injection Technique
The Brazilian-targeted threat BBTok has a complex infection chain that starts with an email containing an ISO image. The malware compiles C# code directly on the infected machine and uses the AppDomain Manager Injection technique.
HPE Patches Three Critical Security Holes in Aruba PAPI
HPE has released patches for three critical security vulnerabilities in Aruba’s networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211.
China-linked APT group Salt Typhoon compromised some US ISPs
Experts are investigating whether the hackers gained access to Cisco Systems routers, a key component of ISP infrastructures, but Cisco has not found any indication of router involvement.
Kia Dealer Portal Flaw Could Let Attackers Hack Millions of Cars
The vulnerabilities could be exploited to remotely control Kia vehicles equipped with remote hardware in under 30 seconds, exposing the sensitive personal information of car owners.
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems From Multiple Vendors
Security researchers at Bitsight discovered critical vulnerabilities in Automated Tank Gauge (ATG) systems, including Maglink LX, Maglink LX4, OPW SiteSentinel, Proteus OEL8000, Alisonic Sibylla, and Franklin TS-550.
Critical Flaw in HashiCorp Vault Enables Unrestricted SSH Access, Threatens System Security
HashiCorp has released updated versions (1.17.6, 1.16.10, 1.15.15) to fix the flaw, along with a new configuration option to enhance security. Users are advised to upgrade or adjust their configurations to protect against exploitation.
CISA Warns of Hackers Targeting Industrial Systems Using “Unsophisticated Methods”
The CISA has issued a warning about hackers using basic techniques to target industrial systems, particularly OT and ICS devices in critical infrastructure, water, and wastewater systems.
Critical WhatsUp Gold Vulnerabilities Demand Immediate Action
The six vulnerabilities, with high severity scores, could lead to unauthorized access and control over network infrastructure. Progress Software advises all WhatsUp Gold users to upgrade to version 24.0.1 to mitigate these vulnerabilities.
Phishing-as-a-Service Platform Sniper Dz Used to Create 140,000 Phishing Sites in One Year
Cybersecurity researchers at Palo Alto Networks’ Unit 42 have discovered a prolific Phishing-as-a-Service platform called Sniper Dz, responsible for creating over 140,000 phishing websites in just one year.
Critical Flaws Discovered in Jupiter X Core WordPress Plugin Affecting Over 90,000 Sites
Security researchers have found critical flaws in the Jupiter X Core WordPress plugin, affecting over 90,000 websites. The vulnerabilities could allow attackers to take control of websites or hijack user accounts, including admin accounts.
VLC Media Player Update Needed: CVE-2024-46461 Discovered
VLC Media Player users are urged to update their software due to the critical CVE-2024-46461 vulnerability, which could crash the program or lead to code execution by malicious actors.
Critical CUPS Vulnerabilities Expose Linux and Other Systems to Remote Attacks
Multiple critical vulnerabilities in CUPS (Common Unix Printing System) have been uncovered, affecting Linux systems, BSDs, Oracle Solaris, and Google Chrome OS. These flaws can enable attackers to execute arbitrary commands through IPP URLs.
Critical Vulnerabilities Found in NVIDIA Container Toolkit
Nvidia Container Toolkit has critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) up to v1.16.1, allowing attackers to access the host file system, execute code, escalate privileges, and disrupt services.
Pure Storage Reveals CVSS 10 Vulnerabilities, Putting FlashArray, FlashBlade Systems at Risk
The identified flaws include a local configuration account vulnerability, remote access via privileged accounts, remote account creation, remote command execution, and SNMP configuration exploitation.
Critical SQL Injection Vulnerability Discovered in ‘The Events Calendar’ WordPress Plugin
A critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6.6.4. The vulnerability has a CVSS score of 9.8, indicating a high level of severity.
Threat Actors Leverage Docker Swarm and Kubernetes to Mine Cryptocurrency at Scale
Threat actors exploit vulnerabilities in container orchestration technologies, particularly misconfigured Docker API endpoints, to compromise containers and cloud hosts to deploy a crypto miner.
Inside SnipBot: The Latest RomCom Malware Variant
Unit 42 researchers discovered a new variant of the RomCom malware family called “SnipBot,” designed to target enterprise networks. It can infiltrate networks, execute remote commands, and download additional malicious software.
Kryptina RaaS: From Unsellable Cast-Off to Enterprise Ransomware
Mallox, known for targeting Windows systems, has expanded its operations to Linux by using a modified version of the Kryptina ransomware, named “Mallox Linux 1.0.” The ransomware utilizes the same encryption algorithm as Kryptina.
FreeBSD Issues Critical Security Advisory for CVE-2024-41721 (CVSS 9.8)
The flaw, CVE-2024-41721, in bhyve’s USB emulation functionality could lead to malicious code execution, posing a serious threat to systems running vulnerable versions of FreeBSD.
Critical Dragonfly2 Flaw Due to Hardcoded Key Threatens Admin Access
The flaw, tracked as CVE-2023-27584, stems from a hard-coded cryptographic key used in the authentication process, posing a serious risk of unauthorized access, including admin-level privileges.
Critical Grafana Plugin SDK Flaw Exposes Sensitive Information
This flaw, tracked as CVE-2024-8986 with a CVSS score of 9.1, could lead to the unintentional exposure of sensitive information, such as repository credentials, due to the build metadata being included in compiled binaries.
More Than $44 Million in Cryptocurrency Stolen From Singaporean Platform Bingx
Singaporean cryptocurrency platform BingX was hit by a cyberattack resulting in the theft of over $44 million. The attack was detected by two blockchain security firms, leading to a temporary suspension of withdrawals and emergency asset transfers.
DOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit Finds
An audit found that both the DOJ and FBI need to improve in three key areas to enhance their fight against ransomware. While the FBI reported an improvement in taking action within 72 hours in 47% of incidents, there is…
Keycloak Vulnerability Puts SAML Authentication at Risk
The vulnerability lies in Keycloak’s XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital “Reference” element that specifies the signed portion of the document.
Picus Security Raises $45M in Funding
Picus Security, a San Francisco, CA-based security validation company, raised $45M in funding. The round, which brought total funds raised to $80M, was led by Riverwood Capital, with participation from existing investor Earlybird Digital East Fund.
US DoJ Charged Two Men With Stealing and Laundering $230 Million Worth of Cryptocurrency
Two suspects, Malone Lam and Jeandiel Serrano, were arrested by the US Department of Justice for stealing and laundering over $230 million worth of cryptocurrency in Miami.
AT&T Pays $13 Million FCC Settlement Over 2023 Data Breach
The breach occurred when threat actors gained access to customer data of about 9 million AT&T wireless accounts stored by a vendor. This exposed sensitive customer information like account numbers, phone numbers, and email addresses.
GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging
The GSM Association is working on implementing end-to-end encryption for Rich Communications Services (RCS) messaging between Android and iOS. This important step aims to enhance user protection and secure messages across platforms.
SambaSpy RAT Targets Italian Users in a Unique Malware Campaign
This unique malware campaign stood out for its precise targeting of Italian victims, with checks implemented to ensure the system language was set to Italian before infecting the device.
Lumma Stealer Malware Campaign Exploits Fake CAPTCHA Pages
The Lumma Stealer malware is being distributed through deceptive human verification pages that trick Windows users into running malicious PowerShell commands, leading to sensitive information theft.
Police Dismantles Phone Unlocking Ring Linked to 483,000 Victims
This scheme was uncovered in 2022 during “Operation Kaerb,” involving global enforcement agencies. The criminals mimicked popular mobile platforms to conduct phishing attacks.
Germany Seizes Leak Site of ‘Vanir’ Ransomware Operation
German authorities have seized the leak site used by a ransomware group known as “Vanir” in a move to disrupt their operations. The site was used to post information about victims, including a German company.
CISA Adds Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and MSSQL Server Bugs to its KEV Catalog
These vulnerabilities can lead to remote code execution and privilege escalation, posing a significant risk to affected systems. For example, the Oracle JDeveloper vulnerability can allow attackers to compromise the software and take over the system.
Patch this Critical Safeguard for Privileged Passwords Authentication Bypass Flaw
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access.
Microsoft Entra ID’s Administrative Units Weaponized to Gain Stealthy Persistence
Datadog Security Labs recently revealed a security risk within Microsoft Entra ID, showing how its administrative units (AUs) can be weaponized by attackers to create persistent backdoor access.
Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs
These exchanges allowed users to trade cryptocurrencies anonymously, creating a safe environment for cybercriminals to launder their proceeds without fear of prosecution.
Clever ‘GitHub Scanner’ Campaign Abusing Repositories to Push Malware
A sophisticated campaign is using GitHub repositories to spread the Lumma Stealer malware, targeting users interested in open-source projects or receiving email notifications from them.
Hackers Deliver Popular Crypto-Miner Through Malicious Email Auto Replies, Researchers Say
Hackers are distributing a popular crypto-miner via malicious email auto-replies, as per researchers. They compromised email accounts to send innocent automatic replies with links to crypto-mining malware, specifically XMRig.
Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert
Acronis Backup Plugins have been affected by a critical security flaw, CVE-2024-8767 (CVSS 9.9). The vulnerability impacts Linux-based plugins for cPanel & WHM, Plesk, and DirectAdmin, potentially leading to data breaches and unauthorized operations.
CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet FortiClient EMS
Cybersecurity researchers at Darktrace have discovered cybercriminals exploiting Fortinet’s FortiClient EMS. The attackers targeted a critical vulnerability, CVE-2023-48788, to gain unauthorized access through an SQL injection flaw.
Experts Warn of China-Linked APT’s Raptor Train IoT Botnet
The attribution of the Raptor Train botnet to a Chinese nation-state actor is based on various factors, including operational timelines, targeting sectors aligned with Chinese interests, and the use of the Chinese language.
Cybercriminals Exploit CAPTCHA to Deliver Malware: Experts Issue Warning
These counterfeit CAPTCHA tests prompt users to execute seemingly harmless commands, which actually lead to the installation of the dangerous Lumma Stealer malware on Windows devices.
CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities
The CISA has directed federal agencies to remove Flash Player by October 8, 2024, to safeguard sensitive data and critical operations. Adobe officially ended Flash Player support in 2020, recognizing its security risks.
Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC Region
In this campaign aimed at the APAC region, Earth Baxia used a new backdoor named EAGLEDOOR, which supports multiple communication protocols for information gathering and payload delivery.
Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows
Microsoft has confirmed CVE-2024-37985 as a zero-day bug in Windows with a CVSS score of 5.9. It is a Windows Kernel information disclosure vulnerability, allowing attackers to access heap memory from a privileged process on a vulnerable server.
Ransomware Gangs Now Abuse Microsoft Azure Tool for Data Theft
Ransomware groups such as BianLian and Rhysida are now exploiting Microsoft Azure tools like Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob storage.
Update: PoC Exploit Released for Unauthenticated RCE in Veeam Backup & Replication
Security researcher Sina Kheirkhah has published a PoC exploit for CVE-2024-40711 in Veeam Backup & Replication, a critical vulnerability with a CVSS score of 9.8. The flaw allows unauthenticated RCE, posing a threat to enterprise environments.
GitLab Releases Critical Security Patch for CVE-2024-45409 (CVSS 10) Vulnerability
GitLab has released a critical security patch for the CVE-2024-45409 vulnerability (CVSS 10). It impacts both GitLab Community Edition (CE) and Enterprise Edition (EE) and originates from the Ruby-SAML library used for SAML authentication.
Update: PKfail Secure Boot Bypass Remains a Significant Risk Two Months Later
Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks.
CISA Urges Software Developers to Weed Out XSS Vulnerabilities
The CISA and the FBI recommended that software developers implement rigorous validation, sanitization, and input escaping to prevent malicious script injections and data manipulation.
Red Hat OpenShift Receives Patches for Two Critical Flaws
Red Hat OpenShift, a popular hybrid cloud platform with robust security features, is facing two critical vulnerabilities: CVE-2024-45496 (CVSS 9.9) and CVE-2024-7387 (CVSS 9.1).
US Indicts Chinese National for Phishing for NASA Tech
Prosecutors allege that Chinese national Wu Song targeted US academics and engineers to obtain applications used in aerospace engineering and fluid dynamics, which could be used for developing missiles and weapons.
Data Theft Risk in Salesforce by Manipulating Public Links
The vulnerability was related to the undocumented Salesforce Aura API and SOQL subqueries, allowing a blind SOQL injection attack to retrieve customer information, including personally identifiable information (PII).
Valid Accounts Remain Top Access Point for Critical Infrastructure Attacks, Officials Say
Valid account abuse remains a top entry point for critical infrastructure attacks, with the CISA reporting that 2 in 5 successful intrusions last year were attributed to this method.
Construction Companies Potentially Vulnerable Through Accounting Software
Cybersecurity firm Huntress reported that attackers search for publicly accessible installations of Foundation software on the internet and then attempt to gain administrative access by trying combinations of default usernames and passwords.
Critical Flaws Found in VICIdial Contact Center Suite, PoC Published
Two critical vulnerabilities, CVE-2024-8503 (SQL Injection) and CVE-2024-8504 (Privilege Escalation), have been uncovered in the VICIdial Contact Center Suite, posing a major risk for call centers globally.
EchoStrike: Generate Undetectable Reverse Shells, Perform Process Injection
EchoStrike features an interactive Python wizard for easy customization, various persistence techniques, binary padding for evasion, AES payload encryption, and dynamic binary download.
Update: PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability
This critical flaw, actively exploited in the wild, allows attackers to elevate privileges to SYSTEM level, posing a significant risk to organizations using Microsoft’s Hyper-V virtualization technology.
US Hits Intellexa Spyware Maker With More Sanctions
The US has imposed further sanctions on Intellexa, the maker of the Predator spyware, targeting individuals and entities associated with the company due to its opaque corporate structure designed to evade accountability.
23andMe Pledges $30 Million to the 6.4 Million People Affected by Data Breach
23andMe has pledged $30 million to compensate the 6.4 million people affected by a data breach in October 2023. The breach occurred when a hacker used stolen credentials to access a significant amount of account information, including health data.
Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered
The vulnerability, tracked as CVE-2022-46723, enables attackers to manipulate files within the macOS Calendar app environment and execute remote code during system upgrades.
Rising Clipper Malware Attacks Target Cryptocurrency Users
The malicious software called ClipBankers can monitor clipboard activity and replace cryptocurrency addresses with those controlled by attackers, diverting digital asset transfers to rogue wallets.
Critical Vulnerability in AutoGPT Puts Over 166,000 Projects at Risk
A critical vulnerability, CVE-2024-6091 (CVSS 9.8), has been found in AutoGPT, a popular AI tool with over 166,000 projects at risk. The flaw allows for OS Command Injection, potentially enabling unauthorized actions.
D-Link Fixes Critical RCE, Hardcoded Credential Flaws in WiFi 6 Routers
D-Link has addressed critical vulnerabilities in three popular WiFi 6 router models, fixing issues that could allow remote attackers to run arbitrary code or access devices with hardcoded credentials.
Metabase Q Raises $11M in Series A Extension Funding
Metabase Q, an IT cybersecurity management company based in San Francisco, has raised $11M in its Series A extension funding. Backers include SYN Ventures and John Watters.
The Dark Nexus Between Harm Groups and ‘The Com’ – Krebs on Security
Western cybercriminals in online groups, like Scattered Spider, target vulnerable teens, pushing them towards harm and violence. The Com, a cybercriminal network, fosters extortion and violence among its members.
Strider Secures $55M to Fuel AI Growth and Global Expansion
Strider Technologies has secured $55 million in Series C funding to bolster its artificial intelligence research, expand into the government sector, and support global growth.
Woo Skimmer Uses Style Tags and Image Extension to Steal Card Details
A recent WooCommerce skimming attack used a creative method to steal credit card details by hiding malicious code within style tags and embedding a fake payment overlay in an image file disguised as a favicon.
Largest Crypto Exchange in Indonesia Suffers $22 Million Theft
Although Indodax did not confirm the exact amount stolen, reports suggest $22 million. The company warned users about potential scammers taking advantage of the situation.
Hackers Target Selenium Grid Servers for Proxyjacking and Cryptomining Attacks
Threat actors are infecting publicly exposed Selenium Grid servers to utilize victims’ internet bandwidth for cryptomining, proxyjacking, and potentially more harmful activities.
Windows Vulnerability Abused Braille “Spaces” in Zero-Day Attacks
A recently patched Windows vulnerability, identified as CVE-2024-43461, was exploited by the Void Banshee APT hacking group in zero-day attacks to install information-stealing malware.
Cyber Threats Intensify in Mexico; Espionage and Extortion Risks Grow
Mandiant’s report highlights the escalating cyber threats facing Mexico, with a rise in global espionage and local cybercrime targeting individuals and businesses. Since 2020, cyber espionage groups from over 10 countries have targeted Mexican firms.
Applications are Open for IoT Device Cyber Certifiers
The FCC is seeking volunteers to serve as administrators for a new cybersecurity labeling program, allowing consumers to identify products less vulnerable to cyberattacks.
Python Libraries Exploited for Malicious Intent
A recent report by Xavier Mertens, a Senior ISC Handler and cybersecurity consultant, highlights a concerning trend where cybercriminals are increasingly using legitimate Python libraries for malicious activities.
Aembit Raises $25M to Tackle Nonhuman Identity Security Challenges
Nonhuman identity and access management company Aembit Inc. has secured $25 million in funding to enhance its solutions. The Series A funding round was led by Acrew Capital.