Latest Cybersecurity News and Articles


TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

14 September 2024
Cybersecurity researchers at Cleafy discovered a new variant of the TrickMo Android banking trojan that evades analysis and displays fake login screens to steal banking credentials.

Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw

14 September 2024
In a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access Trojan (RAT), leveraging a benign-looking Excel document as the attack vector.

Chinese-Made Port Cranes in US Included ‘Backdoor’ Modems, House Report Says

14 September 2024
A recent congressional investigation revealed that Chinese-made port cranes in the United States contained hidden modems that could provide unauthorized access to the machines.

New Android Malware Ajina.Banker Steals 2FA Codes, Spreads via Telegram

14 September 2024
Discovering the threat in May 2024, Group-IB highlighted that the malware is spread through Telegram channels disguised as legitimate banking and government service applications.

Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA Warns

14 September 2024
Federal civilian agencies have until the end of the month to address these issues. The vulnerabilities are part of Microsoft's monthly security release, with CVE-2024-43491 considered the most concerning due to its severity score.

Targeted Campaigns in Retail Sector Involve Domain Fraud, Brand Impersonation, and Ponzi Schemes

14 September 2024
Threat actors are actively engaging in domain fraud, brand impersonation, and Ponzi schemes targeting the retail sector, which plays a significant role in the global economy.

New Vo1d Malware Infects 1.3 Million Android Streaming Boxes

14 September 2024
The Vo1d malware campaign targets specific Android firmware versions like Android 7.1.2 and Android 10.1. The malware modifies system files to launch itself on boot and persist on the device.

Update: Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities

14 September 2024
Trend Micro researchers uncovered remote code execution attacks targeting Progress Software's WhatsUp Gold using the vulnerabilities tracked as CVE-2024-6670 and CVE-2024-6671.

Citrix Workspace App Users Urged to Update Following Two Privilege Escalation Flaws

14 September 2024
Users of Citrix Workspace App are advised to update due to two privilege escalation flaws. Cloud Software Group disclosed vulnerabilities (CVE-2024-7889 & CVE-2024-7890) in the Windows app, allowing attackers to gain high-level access.

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

14 September 2024
Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows

64% of education IT workers say ransomware impacts education quality

13 September 2024
A new survey reveals IT leaders’ concerns about cybersecurity in education. 

Critical Severity Flaw Exposes Siemens Industrial Systems

13 September 2024
This flaw, tracked as CVE-2024-35783 and with a CVSS score of 9.4, affects SIMATIC Process Historian, PCS 7, and WinCC, allowing attackers to gain elevated privileges and execute arbitrary commands.

SolarWinds Reveals RCE Flaw in Access Rights Manager

13 September 2024
SolarWinds has disclosed two vulnerabilities in their Access Rights Manager (ARM) software: CVE-2024-28990 (CVSS 6.3) allows for a hardcoded credential authentication bypass, while CVE-2024-28991 (CVSS 9.0) enables remote code execution.

Fake Recruiter Coding Tests Target Developers With Malicious Python Packages

13 September 2024
The Lazarus Group has been targeting developers in a new VMConnect campaign, using fake job interviews to trick them into downloading malicious software packages from open-source repositories.

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

13 September 2024
Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier CVE-2024-40865. "A novel attack that can infer eye-related biometrics from the avatar image to

Update: Hackers Target Apache OFBiz RCE Flaw CVE-2024-45195 After PoC Exploit Released

13 September 2024
Hackers are targeting an RCE vulnerability (CVE-2024-45195) in Apache OFBiz after the release of a Proof of Concept (PoC) exploit. Malicious requests have been detected, with attacks focusing on the financial services industry and business sectors.

17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London

13 September 2024
British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for London (TfL). "The 17-year-old male was detained on suspicion of Computer Misuse Act offenses in relation to the attack, which was launched on TfL on 1 September," the U.K. National Crime Agency (NCA) said. The teenager, who's from Walsall, is said to have been

Chinese-speaking Hackers Linked to DragonRank SEO Manipulator Service

13 September 2024
By exploiting web app services, the attackers deploy a web shell to launch malware and gather credentials, compromising IIS servers to spread the BadIIS malware. The malware facilitates proxyware and SEO fraud by manipulating search engine rankings.

Two Critical RCE Flaws Discovered in Docker Desktop

13 September 2024
Two critical remote code execution (RCE) flaws, identified as CVE-2024-8695 and CVE-2024-8696, have been uncovered in Docker Desktop, a popular tool for containerized application development.

The Dark Nexus Between Harm Groups and ‘The Com’

13 September 2024
A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.