Latest Cybersecurity News and Articles
30 September 2024
Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks.
"These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors to cause widespread damage, including physical damage, environmental hazards, and economic losses," Bitsight researcher
30 September 2024
Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as:
147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft).
Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google).
But session hijacking isn’t a new technique – so
30 September 2024
Microsoft has detected Storm-0501 using Cobalt Strike for lateral movement across networks and deploying Embargo ransomware on victim organizations in hybrid cloud setups.
30 September 2024
Two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, have been found in WatchGuard’s Authentication Gateway and Single Sign-On Client software by cybersecurity firm RedTeam Pentesting GmbH.
30 September 2024
Imagine a sophisticated cyberattack cripples your organization’s most critical productivity and collaboration tool — the platform you rely on for daily operations. In the blink of an eye, hackers encrypt your emails, files, and crucial business data stored in Microsoft 365, holding it hostage using ransomware. Productivity grinds to a halt and your IT team races to assess the damage as the clock
30 September 2024
KLogEXE is a C++ keylogger while FPSpy is a backdoor designed to collect system information and exfiltrate data from compromised devices. Both malware strains are primarily being distributed through spear-phishing emails.
30 September 2024
A critical security flaw, CVE-2024-43917, with a CVSS score of 9.3, has been found in the popular WordPress plugin TI WooCommerce Wishlist, putting over 100,000 sites at risk of SQL injection attacks.
30 September 2024
A new HTML smuggling campaign is targeting Russian-speaking users, distributing DCRat malware. This marks the first time the malware has been deployed using this method, unlike common delivery methods like compromised sites or phishing emails.
30 September 2024
The malicious app, called WalletConnect, amassed over 10,000 downloads and stole around $70,000 in cryptocurrency from Android users before being removed from the Google Play Store.
30 September 2024
NIST is seeking public feedback on the draft guidelines, which can be submitted via email until October 7. The goal is to promote sensible password practices that enhance security without burdening users or compromising their online identity.
30 September 2024
A watering hole attack targeted Kurdish websites, distributing malicious APKs and spyware, compromising 25 sites for over a year. French cybersecurity firm Sekoia uncovered the campaign called SilentSelfie, delivering various info-stealers.
30 September 2024
The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users' passwords in plaintext in its systems.
The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union's
29 September 2024
By focusing on its strengths and pooling information, the west can disrupt Russia’s war machine – but there’s no time to lose
Russia is a “mafia state” trying to expand into a “mafia empire”, the foreign secretary, David Lammy, told the UN, nailing the dual nature of Vladimir Putin’s political model. On one hand Russia represents something very old – a world of bullying empires that invade smaller countries, grab their resources and indoctrinate their people into thinking they are inferior. But it is also something very new, weaponising corruption, criminal networks, assassinations and tech-driven psy-ops to subvert open societies. And if democracies don’t act to stop it, this malign model will be imitated across the globe.
Ukraine is resisting the older, zombie imperialism every day on the battlefield, and democracies will have to arm Ukraine and ourselves to constrain Russia properly. But how should we fight the more contemporary tools of political warfare that Russia pioneers? These are becoming ever more prevalent. Globalisation was meant to make us all so integrated that it would diminish the risk of wars. Instead, the free flow of information, money and people across borders also made subversion easier than ever. At the Labour party conference, Lammy indicated that democracies need to work together to stop Russia: “Exposing their agents, building joint capability and working with the global south to take on Putin’s lies.”
28 September 2024
Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to steal approximately $70,000 in cryptocurrency from victims over a period of nearly five months.
The dodgy app, identified by Check Point, masqueraded as the legitimate WalletConnect open-source protocol to trick unsuspecting users into downloading it.
"Fake
28 September 2024
HPE has released patches for three critical security vulnerabilities in Aruba's networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211.
28 September 2024
The Brazilian-targeted threat BBTok has a complex infection chain that starts with an email containing an ISO image. The malware compiles C# code directly on the infected machine and uses the AppDomain Manager Injection technique.
28 September 2024
The most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks.
28 September 2024
The vulnerabilities could be exploited to remotely control Kia vehicles equipped with remote hardware in under 30 seconds, exposing the sensitive personal information of car owners.
28 September 2024
Experts are investigating whether the hackers gained access to Cisco Systems routers, a key component of ISP infrastructures, but Cisco has not found any indication of router involvement.
28 September 2024
U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for their targeting of current and former officials to steal sensitive data.
The Department of Justice (DoJ) accused Masoud Jalili, 36, Seyyed Ali Aghamiri, 34, and Yasar (Yaser) Balaghi, 37, of participating in a conspiracy