Latest Cybersecurity News and Articles


Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

09 September 2024
The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. "This threat actor used Visual Studio Code's embedded reverse shell feature to gain a foothold in target networks," Palo Alto Networks Unit 42 researcher Tom Fakterman said in a

HAProxy Vulnerability CVE-2024-45506 Under Active Exploit: Urgent Patching Required

09 September 2024
This flaw in the HTTP/2 multiplexer can lead to an endless loop, system crashes, and remote denial-of-service attacks, with a CVSS score of 7. 5. The vulnerability impacts HAProxy Enterprise, ALOHA, and Kubernetes Ingress Controller products.

Planned Parenthood of Montana experienced a cyber attack

09 September 2024
Planned Parenthood of Montana experienced a cyber attack that allegedly exposed 93 gigabytes of data. 

Critical GeoServer Flaw Enabling Global Hack Campaigns

09 September 2024
The flaw in GeoServer, tracked as CVE-2024-36401 and with a CVSS score of 9.8, was swiftly capitalized on by hackers who launched campaigns using botnet families and cryptominers to spread malicious tools like Goreverse, a reverse proxy server.

Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It’s Productivity Benefits

09 September 2024
GenAI has become a table stakes tool for employees, due to the productivity gains and innovative capabilities it offers. Developers use it to write code, finance teams use it to analyze reports, and sales teams create customer emails and assets. Yet, these capabilities are exactly the ones that introduce serious security risks. Register to our upcoming webinar to learn how to prevent GenAI data

LummaC2 Stealer and Malicious Chrome Extension Wreak Havoc

09 September 2024
This attack begins with victims unknowingly downloading a malicious ZIP archive containing an installer file that sideloads a malicious DLL. This DLL then downloads the LummaC2 Stealer and a PowerShell script from a command-and-control server.

SonicWall SSLVPN Access Control Flaw is Now Exploited in Akira Ransomware Attacks

09 September 2024
Initially believed to only impact SonicOS management access, it has now been confirmed to affect SSLVPN on SonicWall firewalls, including by Akira ransomware affiliates targeting accounts with disabled MFA and outdated firmware versions.

Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

09 September 2024
Designed to be more than a one-time assessment— Wing Security’s SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it’s free! Introducing SaaS Pulse: Free Continuous SaaS Risk Management  Just like waiting for a medical issue to become critical before seeing a doctor, organizations can’t afford to overlook the constantly

Unmasking PackXOR: The FIN7 Packer Exposed

09 September 2024
Despite its connection to FIN7, other threat actors have also employed PackXOR to distribute payloads like XMRig cryptominer and R77 rootkit, often in conjunction with SilentCryptoMiner.

Feds Warn Health Sector to Patch Apache Tomcat Flaws

09 September 2024
The Department of Health and Human Services' Health Sector Cybersecurity Coordination Center highlighted the ongoing discovery of vulnerabilities in Tomcat that pose a risk to organizations.

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

09 September 2024
Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands. Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection. "It is possible for unauthenticated, remote

Feds Indicted Two Alleged Administrators of WWH Club Dark Web Marketplace

09 September 2024
Two men from Russia and Kazakhstan, Alex Khodyrev and Pavel Kublitskii, have been indicted in Tampa, Florida, for operating the Dark Web cybercriminal marketplace WWH Club.

Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities

09 September 2024
Absolute Security has acquired Syxsense, an endpoint and vulnerability management provider, to enhance its cyber resilience platform. The acquisition aims to simplify patching and remediation through automated workloads.

Critical Flaw in IBM webMethods Integration Demand Immediate Action

09 September 2024
IBM webMethods Integration Server is hit by a critical flaw (CVE-2024-45076) with a CVSS score of 9. 9, demanding urgent attention. This flaw allows authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

09 September 2024
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K. The campaign makes use

Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)

09 September 2024
Red Hat has issued a critical security advisory for an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments.

TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

09 September 2024
A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains. The exact initial access vector used

U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

09 September 2024
The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155). "These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm

BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar

07 September 2024
The BlindEagle APT group has recently targeted the Colombian insurance sector. The attack chain starts with a phishing email impersonating DIAN, the Colombian tax authority.

Veeam Backup & Replication Faces RCE Flaw Allows Full System Takeover

07 September 2024
A critical Remote Code Execution (RCE) flaw, CVE-2024-40711, with a CVSS score of 9. 8 has been discovered in Veeam Backup & Replication, allowing unauthorized attackers to take full control over systems.