Microsoft has detected Storm-0501 using Cobalt Strike for lateral movement across networks and deploying Embargo ransomware on victim organizations in hybrid cloud setups. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Storm-0501…
Tag: Cyware News – Latest Cyber News
Critical WatchGuard Vulnerabilities Discovered: CVE-2024-6592 and CVE-2024-6593
Two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, have been found in WatchGuard’s Authentication Gateway and Single Sign-On Client software by cybersecurity firm RedTeam Pentesting GmbH. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
DCRat Targets Users with HTML Smuggling
A new HTML smuggling campaign is targeting Russian-speaking users, distributing DCRat malware. This marks the first time the malware has been deployed using this method, unlike common delivery methods like compromised sites or phishing emails. This article has been indexed…
Unpatched SQLi Flaw in TI WooCommerce Wishlist Threatens 100,000+ Sites
A critical security flaw, CVE-2024-43917, with a CVSS score of 9. 3, has been found in the popular WordPress plugin TI WooCommerce Wishlist, putting over 100,000 sites at risk of SQL injection attacks. This article has been indexed from Cyware…
Critical RCE Vulnerability Found in OpenPLC
The most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks. This article has been…
BBTok Targeting Brazil Using the AppDomain Manager Injection Technique
The Brazilian-targeted threat BBTok has a complex infection chain that starts with an email containing an ISO image. The malware compiles C# code directly on the infected machine and uses the AppDomain Manager Injection technique. This article has been indexed…
HPE Patches Three Critical Security Holes in Aruba PAPI
HPE has released patches for three critical security vulnerabilities in Aruba’s networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211. This article has been indexed from Cyware…
China-linked APT group Salt Typhoon compromised some US ISPs
Experts are investigating whether the hackers gained access to Cisco Systems routers, a key component of ISP infrastructures, but Cisco has not found any indication of router involvement. This article has been indexed from Cyware News – Latest Cyber News…
Kia Dealer Portal Flaw Could Let Attackers Hack Millions of Cars
The vulnerabilities could be exploited to remotely control Kia vehicles equipped with remote hardware in under 30 seconds, exposing the sensitive personal information of car owners. This article has been indexed from Cyware News – Latest Cyber News Read the…
Critical Vulnerabilities Discovered in Automated Tank Gauge Systems From Multiple Vendors
Security researchers at Bitsight discovered critical vulnerabilities in Automated Tank Gauge (ATG) systems, including Maglink LX, Maglink LX4, OPW SiteSentinel, Proteus OEL8000, Alisonic Sibylla, and Franklin TS-550. This article has been indexed from Cyware News – Latest Cyber News Read…