Latest Cybersecurity News and Articles


Nearly 10 billion stolen passwords were leaked on a hacker forum

09 July 2024
Nearly 10 billion unique, plaintext passwords were uploaded to a hacker forum. 

65% of organizations cite data loss as top risk of unauthorized tools

09 July 2024
The security of unauthorized (unapproved by IT) Software as a Service (SaaS) applications was analyzed in a recent report by Next DLP.

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

09 July 2024
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge

Critical Ghostscript flaw exploited in the wild. Patch it now!

09 July 2024
This vulnerability affects Ghostscript versions ≤ 10.03.0 and can have a significant impact on web applications and services using Ghostscript for document conversion and previews.

Guide to Operational Security for Election Officials released by CISA

09 July 2024
CISA has released its Guide to Operational Security for Election Officials.

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

09 July 2024
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. "Misconfigurations such as improperly set up authentication mechanisms expose the '/script' endpoint to attackers," Trend Micro's Shubham Singh and Sunil Bharti said in a technical write-up

Scammers Double-Dip by Offering Prior Victims Help to Recover Stolen Funds

09 July 2024
The scammers identify previous scam victims and pose as trusted entities such as government agencies, cybersecurity firms, or fund recovery services, asking for upfront fees or personal information to supposedly help with the recovery process.

HUMINT: Diving Deep into the Dark Web

09 July 2024
Clear Web vs. Deep Web vs. Dark Web: Threat intelligence professionals divide the internet into three main components. Clear Web: web assets that can be viewed through public search engines, including media, blogs, and other pages and sites. Deep Web: websites and forums that are unindexed by search engines, for example webmail, online banking, corporate intranets, walled gardens, etc. Some

Apache Fixed a Source Code Disclosure Flaw in Apache HTTP Server

09 July 2024
This vulnerability, tracked as CVE-2024-39884 and caused by a regression, can lead to unintentional exposure of sensitive data when legacy content-type configurations are used.

GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel

09 July 2024
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo. The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack

New Mallox Ransomware Variant Targets Linux Systems

09 July 2024
A new variant of Mallox ransomware has been discovered by cybersecurity researchers at Uptycs, targeting Linux systems with custom encryption and a builder web panel. A custom Python script called web_server.py is used to deliver the ransomware.

Splunk Addresses Critical Vulnerabilities in Enterprise and Cloud Platforms

09 July 2024
Splunk has released a set of security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including high-severity issues. CVE-2024-36985 allows remote code execution via External Lookup in Splunk Enterprise.

Update: Network Segmentation Hobbled Midnight Blizzard's Attack on TeamViewer

09 July 2024
The company revealed that their corporate IT network, production environment, and TeamViewer connectivity platform are segmented to prevent unauthorized access. Immediate remediation measures were effective in blocking suspicious activity.

Increase in the Exploitation of Microsoft SmartScreen Vulnerability

09 July 2024
Cyble Research and Intelligence Labs (CRIL) has identified an increase in the exploitation of the Microsoft SmartScreen vulnerability (CVE-2024-21412) through an active campaign targeting regions like Spain, the US, and Australia.

Critical Infrastructure Providers Seek Guardrails on Scope, Timeline for CIRCIA Rules

09 July 2024
Critical infrastructure providers are urging federal officials to allow more flexibility in reporting cyber incidents within the first 72 hours under the Cyber Incident Reporting for Critical Infrastructure Act.

The NCSC and partners issue alert about evolving techniques used by China state-sponsored cyber attacks

09 July 2024
APT40 is one of the cyber actors that have embraced the trend of using SoHo devices to launch attacks.

Turning Jenkins Into a Cryptomining Machine From an Attacker's Perspective

09 July 2024
Attackers can leverage the Jenkins Script Console to execute malicious Groovy scripts, leading to cybercriminal activities such as the deployment of cryptocurrency miners.

As Cyber Command Evolves, Its Novel Malware Alert System Fades Away

09 July 2024
The shift away from public disclosure on Twitter is part of an evolution in how the CNMF communicates cyber threat information. The command now focuses on working closely with industry partners to share information effectively and efficiently.

CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog

09 July 2024
The flaw allows an attacker to execute arbitrary commands as root on the affected device's operating system. Only attackers with administrator credentials can successfully exploit this vulnerability.

Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation

09 July 2024
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. "APT 40 has previously targeted organizations in various countries, including