Latest Cybersecurity News and Articles


Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack

13 April 2024
Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of

Telegram Fixes Windows App Zero-Day Used to Launch Python Scripts

13 April 2024
A proof of concept exploit was shared on the XSS hacking forum explaining that a typo in the source code for Telegram for Windows could be exploited to send Python .pyzw files that bypass security warnings when clicked.

North Korean Hackers Exploit Two MITRE Sub-Techniques: Phantom DLL Hijacking, TCC Abuse

13 April 2024
The first, not entirely new, sub-technique involves manipulation of Transparency, Consent, and Control (TCC), a security protocol that regulates application permissions on Apple's macOS.

FBI Warns of Massive Wave of Road Toll SMS Phishing Attacks

13 April 2024
While the mobile phishing campaign has yet to reach some U.S. regions, this can be explained by the fact that complaint information collected so far by IC3 indicates the scam may be moving from state to state.

Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files

12 April 2024
"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The

Intel and Lenovo Servers Impacted by 6-Year-Old BMC Flaw

12 April 2024
The security issue could lead to the exfiltration of process memory addresses, which could help attackers bypass protection mechanisms like Address Space Layout Randomization (ASLR).

Apple Boosts Spyware Alerts For Mercenary Attacks

12 April 2024
Apple has updated its documentation related to its warning system for mercenary spyware threats, now specifying that it alerts users when they may have been individually targeted by such attacks.

DarkBeatC2: The Latest MuddyWater Attack Framework

12 April 2024
The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go.

Microsoft Fixed Two Zero-Day Flaws Exploited in Malware Attacks

12 April 2024
Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are exploiting to deliver malware payloads on vulnerable systems.

Report finds that only 5% of businesses have a cyber expert

12 April 2024
Although cybersecurity is vital to an organization’s financial success, many companies do not have a designated cyber expert.

Palo Alto Networks Fixed Multiple DoS Bugs in its Firewalls

12 April 2024
Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system, including CVE-2024-3385, CVE-2024-3384, and CVE-2024-3382.

How Exposure Management Elevates Cyber Resilience

12 April 2024
Attackers are adept at identifying and exploiting the most cost-effective methods of compromise, highlighting the critical need for organizations to implement asset identification and understand assets’ security posture in relation to the network.

Code Keepers: Mastering Non-Human Identity Management

12 April 2024
Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard

CISA Alerts Organizations Regarding Cyber Incident at Global Data Analytics Company

12 April 2024
CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations.

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

12 April 2024
In recent months, Sucuri researchers encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code, such as the Magento admin panel or WordPress plugins.

Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign

12 April 2024
The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. "While occasionally switching to a new remote administration tool or changing their C2 framework, MuddyWater’s methods remain constant," Deep

Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear

12 April 2024
In 2022, Earth Hundun began using the latest version of Waterbear (aka Deuterbear) which has several changes, including anti-memory scanning and decryption routines, that distinguish it from the original Waterbear.

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

12 April 2024
Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity. "A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature

IT Pros Targeted with Malicious Google Ads for PuTTY, FileZilla

12 April 2024
An ongoing malvertising campaign is targeting IT administrators looking to download system utilities such as PuTTY (a free SSH and Telnet client) and FileZilla (a free cross-platform FTP application).

Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker

12 April 2024
Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS or the "Miscellaneous Scripts" section of the Magento admin panel. "