Latest Cybersecurity News and Articles
11 September 2024
Zyxel has released critical hotfixes for its end-of-support NAS devices, NAS326 and NAS542, to address a severe command injection vulnerability (CVE-2024-6342) with a CVSS score of 9. 8.
11 September 2024
Checkmarx researchers discovered two XSS vulnerabilities on Gallup's polling site, which could allow attackers to access sensitive data, execute arbitrary code, or take over accounts.
11 September 2024
FreeBSD has issued an urgent security advisory for CVE-2024-43102, a critical vulnerability with a CVSS score of 10. This flaw in the _umtx_op system call can lead to a kernel panic or code execution, jeopardizing system security.
11 September 2024
This flaw affects the browser-based web app, enabling recipients to save pictures and videos that should disappear after being viewed. While the app prohibits users from taking screenshots, this bug circumvents that protection.
11 September 2024
The German cyber agency is investigating a phishing campaign linked to Russian state hackers APT28, who mimicked a well-known think tank's website. The hackers created a fake domain resembling the Kiel Institute for the World Economy.
11 September 2024
Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024.
The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech
11 September 2024
Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in remote code execution.
A brief description of the issues is as follows -
CVE-2024-29847 (CVSS score: 10.0) - A deserialization of untrusted data vulnerability that allows a remote unauthenticated attacker to achieve code execution.
10 September 2024
Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.
10 September 2024
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub.
"CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved," ESET researcher Jakub
10 September 2024
CISA has identified vulnerabilities in industrial control system products from Baxter and Mitsubishi that are commonly used in healthcare and critical manufacturing sectors. Both the firms have released advisories with mitigation measures.
10 September 2024
Poland has dismantled a cyber sabotage group with links to Russia and Belarus. The group attempted to disrupt the country through cyberattacks, extorting information from local government agencies and state companies related to security matters.
10 September 2024
Known as Konni, the threat actor uses similar tactics in both countries since at least 2021, targeting entities like the Russian Ministry of Foreign Affairs, the Russian Embassy in Indonesia, and South Korean businesses, including a tax law firm.
10 September 2024
Researchers have warned of the resurgence of Predator spyware, previously thought to be inactive due to sanctions and exposure, thanks to new infrastructure and evasive tactics.
10 September 2024
Research identified a malvertising campaign targeting employees of Lowe’s.
10 September 2024
Chinese APT group Stately Taurus exploited Visual Studio Code to target government entities in Southeast Asia for cyberespionage. They utilized the software's reverse shell feature to infiltrate networks, a technique first detected in 2023.
10 September 2024
A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort.
Cybersecurity firm Sophos, which has been monitoring the cyber offensive, said it comprises three intrusion sets tracked as Cluster
10 September 2024
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.
Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own
10 September 2024
TIDrone, linked to Chinese-speaking groups, deploys advanced malware through ERP software or remote desktop tools. Trend Micro identified the threat actor as actively pursuing military and satellite industrial supply chains in Taiwan.
10 September 2024
The underground market for malicious large language models (LLMs) is thriving, according to researchers from Indiana University Bloomington. They found 212 malicious LLMs for sale from April through September 2024.
10 September 2024
Marsh McLennan and Zurich Insurance Group have issued a white paper highlighting the need for a public-private partnership to help close this significant coverage gap, which poses a threat to both businesses and the economy.