Latest Cybersecurity News and Articles


Critical Vulnerabilities Found in NVIDIA Container Toolkit

27 September 2024
NVIDIA Container Toolkit versions up to v1.16.1 contain critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) that allow attackers to access the host file system, execute code, escalate privileges, and disrupt services.

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

27 September 2024
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals. The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

27 September 2024
A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host. The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and

Kryptina RaaS: From Unsellable Cast-Off to Enterprise Ransomware

26 September 2024
Mallox, known for targeting Windows systems, has expanded its operations to Linux by using a modified version of the Kryptina ransomware, named "Mallox Linux 1.0." The ransomware utilizes the same encryption algorithm as Kryptina.

Inside SnipBot: The Latest RomCom Malware Variant

26 September 2024
Unit 42 researchers discovered a new variant of the RomCom malware family called "SnipBot," designed to target enterprise networks. It can infiltrate networks, execute remote commands, and download additional malicious software.

Threat Actors Leverage Docker Swarm and Kubernetes to Mine Cryptocurrency at Scale

26 September 2024
Threat actors exploit vulnerabilities in container orchestration technologies, particularly misconfigured Docker API endpoints, to compromise containers and cloud hosts to deploy a crypto miner.

Critical SQL Injection Vulnerability Discovered in ‘The Events Calendar’ WordPress Plugin

26 September 2024
A critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6.6.4. The vulnerability has a CVSS score of 9.8, indicating a high level of severity.

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

26 September 2024
Cybersecurity researchers have disclosed a set of now-patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security

Pure Storage Reveals CVSS 10 Vulnerabilities, Putting FlashArray, FlashBlade Systems at Risk

26 September 2024
The identified flaws include a local configuration account vulnerability, remote access via privileged accounts, remote account creation, remote command execution, and SNMP configuration exploitation.

U.S. Indicts 2 Top Russian Hackers, Sanctions Cryptex

26 September 2024
The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.

TeamViewer Urges Users to Patch Privilege Escalation Flaws

26 September 2024
TeamViewer has identified critical vulnerabilities (CVE-2024-7479 and CVE-2024-7481) in its Remote Client and Remote Host products for Windows that put users at risk; they carry a CVSS score of 8.8.

Critical Flaw in RAISECOM Gateways Actively Exploited, Exposing Thousands to Remote Attacks

26 September 2024
Models MSG1200, MSG2100E, MSG2200, and MSG2300 running software version 3.90 are affected. Security researcher Johannes B. Ullrich has identified two payloads used in attacks, targeting vulnerable routers.

60% of vulnerabilities were leveraged against Microsoft Exchange

26 September 2024
A recent threat report reveals that a minimum of 14 million patients in the U.S. have fallen victim to malware breaches in this sector. 

Update: GitLab Backports Fix for CVE-2024-45409 to Older Versions

26 September 2024
GitLab has released a security update to fix a critical vulnerability (CVE-2024-45409) in its Community Edition and Enterprise Edition platforms, affecting all self-managed installations

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

26 September 2024
Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity has been attributed to an adversary tracked as Kimsuky, which is also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (formerly Thallium), Sparkling Pisces, Springtail, and Velvet Chollima. "These samples enhance Sparkling Pisces' already extensive arsenal

Overloaded with SIEM Alerts? Discover Effective Strategies in This Expert-Led Webinar

26 September 2024
Imagine trying to find a needle in a haystack, but the haystack is on fire, and there are a million other needles you also need to find. That's what dealing with security alerts can feel like. SIEM was supposed to make this easier, but somewhere along the way, it became part of the problem. Too many alerts, too much noise, and not enough time to actually stop threats. It's time for a change.

New Rust-based Splinter Post-Exploitation Tool Poses Major Risk

26 September 2024
Splinter, a new post-exploitation tool, has emerged as a threat, with attackers using it to wreak havoc by executing commands, stealing files, and downloading malware onto victims' systems.

Proxmox Virtual Environment and Mail Gateway Exposed to Critical API Vulnerability

26 September 2024
A critical vulnerability has been identified in Proxmox Virtual Environment (VE) and Proxmox Mail Gateway (PMG) that could allow unauthorized access to sensitive files and potentially lead to a full system compromise.

EPSS vs. CVSS: What’s the Best Approach to Vulnerability Prioritization?

26 September 2024
Many businesses rely on the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerabilities for prioritization. While these scores provide some insight into the potential impact of a vulnerability, they don’t factor in real-world threat data, such as the likelihood of exploitation. With new vulnerabilities discovered daily, teams don’t have the time - or the budget - to

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

26 September 2024
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection detected as far back as December 2022. The