GitLab released updates covering versions 17.1.7, 17.2.5, and 17.3.2 for GitLab Community Edition (CE) and Enterprise Edition (EE), addressing a total of 18 security issues. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Tag: Cyware News – Latest Cyber News
Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw
In a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access Trojan (RAT), leveraging a benign-looking Excel document as the attack vector. This article has been indexed from Cyware News…
Chinese-Made Port Cranes in US Included ‘Backdoor’ Modems, House Report Says
A recent congressional investigation revealed that Chinese-made port cranes in the United States contained hidden modems that could provide unauthorized access to the machines. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Citrix Workspace App Users Urged to Update Following Two Privilege Escalation Flaws
Users of Citrix Workspace App are advised to update due to two privilege escalation flaws. Cloud Software Group disclosed vulnerabilities (CVE-2024-7889 & CVE-2024-7890) in the Windows app, allowing attackers to gain high-level access. This article has been indexed from Cyware…
Update: Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities
Trend Micro researchers uncovered remote code execution attacks targeting Progress Software’s WhatsUp Gold using the vulnerabilities tracked as CVE-2024-6670 and CVE-2024-6671. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Update: Protecting Against…
New Vo1d Malware Infects 1.3 Million Android Streaming Boxes
The Vo1d malware campaign targets specific Android firmware versions like Android 7.1.2 and Android 10.1. The malware modifies system files to launch itself on boot and persist on the device. This article has been indexed from Cyware News – Latest…
Targeted Campaigns in Retail Sector Involve Domain Fraud, Brand Impersonation, and Ponzi Schemes
Threat actors are actively engaging in domain fraud, brand impersonation, and Ponzi schemes targeting the retail sector, which plays a significant role in the global economy. This article has been indexed from Cyware News – Latest Cyber News Read the…
Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA Warns
Federal civilian agencies have until the end of the month to address these issues. The vulnerabilities are part of Microsoft’s monthly security release, with CVE-2024-43491 considered the most concerning due to its severity score. This article has been indexed from…
Critical Severity Flaw Exposes Siemens Industrial Systems
This flaw, tracked as CVE-2024-35783 and with a CVSS score of 9.4, affects SIMATIC Process Historian, PCS 7, and WinCC, allowing attackers to gain elevated privileges and execute arbitrary commands. This article has been indexed from Cyware News – Latest…
Fake Recruiter Coding Tests Target Developers With Malicious Python Packages
The Lazarus Group has been targeting developers in a new VMConnect campaign, using fake job interviews to trick them into downloading malicious software packages from open-source repositories. This article has been indexed from Cyware News – Latest Cyber News Read…