Latest Cybersecurity News and Articles


Google Chrome Now Asks for Passwords To Scan Protected Archives

26 July 2024
The new warning messages help users understand the danger posed by each downloaded file from the Internet. Google has implemented a two-tier download warning system using AI-powered malware verdicts from its Safe Browsing service.

Progress Software Fixed Critical Flaw in Telerik Report Server

26 July 2024
The vulnerability, tracked as CVE-2024-6327, allows attackers to execute code on unpatched servers through deserialization of untrusted data. The issue affects Report Server 2024 Q2 (10.1.24.514) and earlier versions.

SocGholish: Fake Update Puts Visitors at Risk

26 July 2024
The recent developments in SocGholish infection tactics target WordPress-based websites. The attack sequence involves initial access through compromised websites with vulnerable WordPress plugins.

Mimecast Acquires Veteran Data Security Firm Code42

26 July 2024
Mimecast has acquired veteran data security firm Code42, adding 175 employees to its team. Code42, founded in 2001, focuses on expanding its data protection platform, Incydr, with recent enhancements for source code exfiltration detection.

U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals

26 July 2024
The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed

Patchwork Group Found Using Brute Ratel C4 and an Enhanced Version of PGoShell Backdoor

26 July 2024
Patchwork hackers targeted Bhutan using the advanced Brute Ratel C4 tool, along with an updated backdoor called PGoShell. This marks the first time Patchwork has been observed using the red teaming software.

Email Gateway Security Gaps Enable New Malware Tactics

26 July 2024
Gaps in email gateway defenses have allowed phishing attackers to sneak malware past static scanning functions. The attackers hid malicious attachments by using a decoy file extension in a compressed archive.

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

26 July 2024
Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to have been underway since at least April 2023. "Unbeknownst to

CrowdStrike Warns of New Phishing Scam Targeting German Customers

26 July 2024
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

26 July 2024
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. "In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code

One year after SEC cyber disclosure ruling, security leaders weigh in

26 July 2024
With a year in the rearview mirror, security professionals are reflecting on the SEC cyber disclosure ruling.

ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions

25 July 2024
Researchers have uncovered a vulnerability in Google Cloud Platform's Cloud Functions service called ConfusedFunction. This flaw allows an attacker to escalate their privileges to access other services and sensitive data in an unauthorized manner.

North Korean Hacker Group Targeting Healthcare, Energy Sectors

25 July 2024
North Korean hackers, specifically the Andariel hacking group, are now targeting the healthcare, energy, and financial sectors according to a Mandiant report. This group is believed to be associated with North Korea's Reconnaissance General Bureau.

NCSC and partners issue warning over North Korean state-sponsored cyber campaign to steal military and nuclear secrets

25 July 2024
Critical infrastructure organisations are strongly encouraged to stay vigilant to DPRK-sponsored cyber operations.

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

25 July 2024
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel Hyatt,

TransparentTribe’s Spear-Phishing Targeting Indian Government Departments

25 July 2024
The malicious file, disguised as “Recommendation for the award of President’s.docm,” contained a VBA script that executed the CrimsonRAT remote control program, capable of stealing sensitive information.

AI Accelerates Code Development Faster Than Security Teams can Keep up

25 July 2024
According to a Seemplicity survey, AI is speeding up code development faster than security teams can keep up, leading to concerns about vulnerability management. 91% of organizations are increasing their security budgets.

Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018

25 July 2024
The critical vulnerability in Docker Engine, identified as CVE-2024-41110 with a severity score of 10/10, was first discovered in 2018 and reappeared due to a missed patch in January 2019. It allows attackers to bypass authorization plugins.

Report: Malware Attacks Surge 30% in First Half of 2024

25 July 2024
The 2024 Mid-Year Cyber Threat Report from SonicWall revealed a 30% increase in malware-based threats compared to 2023, with a significant spike in attacks from March to May, including 78,923 new variants observed in the first half of 2024.

'Stargazer Goblin' Amasses Thousands of Rogue GitHub Accounts to Spread Malware

25 July 2024
Stargazer Goblin has been distributing various malware families like Atlantida Stealer, Lumma, and Rhadamanthys, since at least August 2022. The threat actor charges users to "star" repositories with fake accounts, increasing their credibility.