Latest Cybersecurity News and Articles


Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products

11 September 2024
Zyxel has released critical hotfixes for its end-of-support NAS devices, NAS326 and NAS542, to address a severe command injection vulnerability (CVE-2024-6342) with a CVSS score of 9.8.

Gallup Poll Bugs Open Door to XSS Attacks

11 September 2024
Checkmarx researchers discovered two XSS vulnerabilities on Gallup's polling site, which could allow attackers to access sensitive data, execute arbitrary code, or take over accounts.

FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)

11 September 2024
FreeBSD has issued an urgent security advisory for CVE-2024-43102, a critical vulnerability with a CVSS score of 10. This flaw in the _umtx_op system call can lead to a kernel panic or code execution, jeopardizing system security.

Experts Demonstrate How to Bypass WhatsApp View Once Feature

11 September 2024
This flaw affects the browser-based web app, enabling recipients to save pictures and videos that should disappear after being viewed. While the app prohibits users from taking screenshots, this bug circumvents that protection.

German Cyber Agency Investigating APT28 Phishing Campaign

11 September 2024
The German cyber agency is investigating a phishing campaign linked to Russian state hackers APT28, who mimicked a well-known think tank's website. The hackers created a fake domain resembling the Kiel Institute for the World Economy.

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

11 September 2024
Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

11 September 2024
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution. A brief description of the issues is as follows - CVE-2024-29847 (CVSS score: 10.0) - A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code execution.

Bug Left Some Windows PCs Dangerously Unpatched

10 September 2024
Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

10 September 2024
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved," ESET researcher Jakub

CISA Flags ICS Bugs in Baxter, Mitsubishi Products

10 September 2024
CISA has identified vulnerabilities in industrial control system products from Baxter and Mitsubishi that are commonly used in healthcare and critical manufacturing sectors. Both firms have released advisories with mitigation measures.

Poland Dismantles Cyber Sabotage Group Linked to Russia, Belarus

10 September 2024
Poland has dismantled a cyber sabotage group with links to Russia and Belarus. The group attempted to disrupt the country through cyberattacks, extorting information from local government agencies and state companies related to security matters.

Kimsuky-linked Hackers Use Similar Tactics to Attack Russia and South Korea

10 September 2024
Known as Konni, the threat actor has used similar tactics in both countries since at least 2021, targeting entities like the Russian Ministry of Foreign Affairs, the Russian Embassy in Indonesia, and South Korean businesses, including a tax law firm.

Predator Spyware Roars Back with New Infrastructure, Evasive Tactics

10 September 2024
Researchers have warned of the resurgence of Predator spyware, previously thought to be inactive due to sanctions and exposure, thanks to new infrastructure and evasive tactics.

Lowe’s employees targeted with malvertising campaign

10 September 2024
Research identified a malvertising campaign targeting employees of Lowe’s.

Chinese APT Group Abuses Visual Studio Code to Target Government in Asia

10 September 2024
Chinese APT group Stately Taurus exploited Visual Studio Code to target government entities in Southeast Asia for cyberespionage. They utilized the software's reverse shell feature to infiltrate networks, a technique first detected in 2023.

Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

10 September 2024
A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which has been monitoring the cyber offensive, said it comprises three intrusion sets tracked as Cluster

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

10 September 2024
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers. Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own

'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers

10 September 2024
TIDrone, linked to Chinese-speaking groups, deploys advanced malware through ERP software or remote desktop tools. Trend Micro identified the threat actor as actively pursuing military and satellite industrial supply chains in Taiwan.

Underground Demand for Malicious LLMs is Robust

10 September 2024
The underground market for malicious large language models (LLMs) is thriving, according to researchers from Indiana University Bloomington. They found 212 malicious LLMs for sale from April through September 2024.

Key Cyber Insurance Stakeholders Urge Government To Help Close $900B in Uncovered Risk

10 September 2024
Marsh McLennan and Zurich Insurance Group have issued a white paper highlighting the need for a public-private partnership to help close this significant coverage gap, which poses a threat to both businesses and the economy.