SAP released its monthly Security Patch Day update addressing 14 critical vulnerabilities across multiple enterprise products. The comprehensive security update includes patches addressing critical authorization bypass issues and cross-site scripting vulnerabilities, with CVSS scores ranging from 3.0 to 9.6. Organizations…
Tag: Cyber Security News
Google Vulnerability Let Attackers Access Any Google User’s Phone Number
A critical security vulnerability in Google’s account recovery system allowed malicious actors to obtain the phone numbers of any Google user through a sophisticated brute-force attack, according to a disclosure by a BruteCat security researcher published this week. The vulnerability,…
Sensata Technologies Hit by Ransomware Attack – Operations Impacted
Sensata Technologies, Inc., a prominent industrial technology company based in Attleboro, Massachusetts, has disclosed a significant cybersecurity incident that compromised the personal information of hundreds of individuals. The external system breach, classified as a hacking incident, occurred on March 28,…
Google Vulnerability Let Attackers Access Any Google User Phone Number
A critical security vulnerability in Google’s account recovery system allowed malicious actors to obtain the phone numbers of any Google user through a sophisticated brute-force attack, according to a disclosure by a BruteCat security researcher published this week. The vulnerability,…
Sophisticated Skitnet Malware Actively Adopted by Ransomware Gangs to Streamline Operations
Ransomware operators have increasingly turned to a sophisticated new malware tool called Skitnet, also known as “Bossnet,” to enhance their post-exploitation capabilities and evade traditional security measures. First emerging on underground cybercrime forums in April 2024, this multi-stage malware has…
Bitter Malware Using Custom-Developed Tools To Evade Detection In Sophisticated Attacks
A comprehensive analysis of the Bitter espionage group has revealed eight years of sustained cyber operations employing increasingly sophisticated custom-developed malware tools designed to evade detection while conducting intelligence gathering activities. The threat actor, also known as TA397, has demonstrated…
New Report Uncover That Chinese Hackers Attempted To Compromise SentinelOne’s Own Servers
Chinese state-sponsored hackers launched sophisticated reconnaissance operations against cybersecurity giant SentinelOne’s infrastructure in October 2024, representing part of a broader campaign targeting over 70 organizations worldwide. The previously undisclosed attacks, detailed in a comprehensive report released by SentinelLabs on June…
APT41 Hackers Using Google Calendar for Malware Command-and-Control To Attack Government Entities
A recent campaign by Chinese state-sponsored threat actor APT41 has unveiled a novel exploitation of Google Calendar for malware command-and-control (C2) operations, marking a significant escalation in cyberespionage tactics. The group, tracked under aliases including BARIUM and Brass Typhoon, targeted…
Google Warns of Cybercriminals Increasingly Attacking US Users to Steal Login Credentials
Google’s latest comprehensive survey reveals a concerning surge in cybercriminal activities targeting American users, with over 60% of U.S. consumers reporting a noticeable increase in scam attempts over the past year. The technology giant’s collaboration with Morning Consult has unveiled…
New DuplexSpy RAT Let Attackers Gain Complete Control of Windows Machine
Cybersecurity researchers have identified a sophisticated new remote access trojan called DuplexSpy RAT that enables attackers to establish comprehensive surveillance and control over Windows systems. This multifunctional malware represents a growing trend in modular, GUI-driven threats that significantly lower the…