Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls. This article has been indexed from Cyware…
Tag: Cyware News – Latest Cyber News
Misinformation and Hacktivist Campaigns Targeting the Philippines Skyrocket
Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity targeting the Philippines in Q1 2024, increasing nearly 325% compared to the same period last year. This article has been…
BreachForums Down, But Not Out: Hackers Claim Attack, Admins Remain Unfazed
The domain of the notorious BreachForums data leak and hacking forum has been taken down by rival threat actors. The threat actor group, R00TK1T, along with the Cyber Army of Russia, announced a breach of user data following the takedown.…
From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering
To craftily pose as its chosen personas, TA427 uses a few tactics including DMARC abuse in concert with free email addresses, typosquatting, and private email account spoofing. This article has been indexed from Cyware News – Latest Cyber News Read…
Top Officials Again Push Back on Ransom Payment Ban
Due to multiple reasons, the Institute for Security and Technology’s Ransomware Task Force threw cold water on the need for a ransomware payment ban in a report released Wednesday. This article has been indexed from Cyware News – Latest Cyber…
Report: Bad Bots Drive 10% Annual Surge in Account Takeover Attacks
Internet traffic associated with malicious bots now accounts for a third (32%) of the total, driving a 10% year-on-year (YoY) increase in account takeover (ATO) attacks last year, according to Imperva. This article has been indexed from Cyware News –…
FTC Bans Online Mental Health Firm From Sharing Certain Data
The FTC in its complaint against Cerebral Inc. and the company’s former CEO Kyle Robertson, alleges unfair or deceptive practice violations of the FTC Act and the Opioid Act, which pertains to substance use disorder treatment services. This article has…
Microsoft will Limit Exchange Online Bulk Emails to Fight Spam
“Exchange Online enforces a Recipient Rate limit of 10,000 recipients. The 2,000 ERR limit will become a sub-limit within this 10,000 Recipient Rate limit,” the Exchange Team said on Monday. This article has been indexed from Cyware News – Latest…
Blackjack Group Used ICS Malware Fuxnet Against Russian Targets
The attack chain sees hackers targeting a list of sensor gateways IPs. Threat actors distributed their malware to each target, likely either through remote-access protocols such as SSH or the sensor protocol (SBK) over port 4321. This article has been…
Report: Microsoft Most Impersonated Brand in Phishing Scams
Microsoft was impersonated in 38% of all brand phishing attacks in Q1 2024, according to new data from Check Point. Google was the second most impersonated brand in Q1 2024, making up 11% of attempts. This article has been indexed…