Latest Cybersecurity News and Articles
10 July 2024
The Problem
The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:
53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days.
More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities.
10 July 2024
Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild.
Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser
10 July 2024
This vulnerability, known as Blast RADIUS and rated 7.5 out of 10 on the severity scale, affects the RADIUS networking protocol, potentially granting unauthorized access to network devices and services without credentials.
10 July 2024
It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The
10 July 2024
Monocle is an open-source tool powered by an LLM for searching natural language in compiled binaries. It can analyze binaries based on criteria like authentication code or password strings, using Ghidra headless for decompilation.
10 July 2024
A vulnerability in certain versions of the OpenSSH secure networking suite may allow for remote code execution. The vulnerability, identified as CVE-2024-6409 with a CVSS score of 7.0, affects specific versions of OpenSSH such as 8.7p1 and 8.8p1.
10 July 2024
CISA is developing a new framework to assess the trustworthiness of open-source software projects. The agency's open-source software security roadmap aims to increase visibility into OSS use and risks across the federal government.
10 July 2024
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP).
"Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said.
Passkeys are considered a more secure and phishing-resistant alternative to passwords. Based on
10 July 2024
Hackers are targeting a vulnerability in the Modern Events Calendar WordPress plugin found on over 150,000 websites to upload files and execute code remotely. The plugin by Webnus is used to manage events.
10 July 2024
The cybersecurity arm of the UK government, RITICS, has released a new guide to assist companies in enhancing the security of their operational technology (OT) and industrial control system (ICS) hardware.
10 July 2024
Approximately 68 malicious packages were created between May 26 and June 23, 2024, with deceptive names like cdnjquery and jquertyi. These packages were manually crafted, unlike automated attacks, allowing the threat actor to steal website form data.
10 July 2024
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams.
"Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News.
10 July 2024
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents.
"A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell environment within AutoIt for operations," Trellix security researchers Mathanraj Thangaraju and Sijo Jacob
10 July 2024
Identity and vulnerability management were analyzed in a recent report.
10 July 2024
Cyber risks, ransomware and cyberattacks were analyzed in a recent report.
10 July 2024
The extortion campaign against Ticketmaster continues with 166,000 Taylor Swift ticket barcodes leaked.
09 July 2024
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).
The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1
09 July 2024
Microsoft Corp. today issued software updates to plug 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two of the vulnerabilities in active attacks against Windows users.
09 July 2024
A Yemeni hacking group associated with the Houthi movement has been spying on military personnel in the Middle East by infecting their phones with surveillance software, according to cybersecurity firm Lookout.
09 July 2024
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the UK, and the US have warned about APT40, a China-linked cyber espionage group known for quickly exploiting new security bugs after public disclosure.