Latest Cybersecurity News and Articles


New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules

25 August 2024
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon's Stroz Friedberg incident response services team. "This advanced threat, active since 2022, hides
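The persistence trick in the sedexp item is a udev rule whose RUN directive starts the malware whenever a matching device event fires. The scanner below is an added example, not sedexp code and not Stroz Friedberg's tooling: it parses rule files from the admin-managed directory /etc/udev/rules.d and flags RUN handlers that live outside the usual udev helper directories or that key on memory character devices (major number 1, which covers /dev/null, /dev/zero and /dev/random, so the handler runs on every boot). The sample rule text is constructed for the demonstration; the trusted-prefix list and the "MAJOR 1" heuristic are this example's assumptions, not published indicators.

```python
"""Heuristic scanner for udev-rule persistence (added example, not sedexp code)."""
import re
from pathlib import Path

# One udev token: KEY, optional {attr}, operator, double-quoted value, optional comma.
TOKEN_RE = re.compile(
    r'\s*([A-Z_]+)(?:\{([^}]*)\})?\s*([=!:+\-]?=)\s*"((?:[^"\\]|\\.)*)"\s*,?'
)

# Assumption: helpers shipped by the distro live under these prefixes.
TRUSTED_PREFIXES = ("/usr/lib/udev/", "/lib/udev/", "/usr/bin/", "/bin/",
                    "/usr/sbin/", "/sbin/")

# Constructed sample rules (line 1 is a comment); not the real sedexp rule file.
SAMPLE_RULES = """\
# constructed sample for the scanner, not a real rule file
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0bda", RUN+="/usr/lib/udev/usb_helper"
ACTION=="add", ENV{MAJOR}=="1", ENV{MINOR}=="8", RUN+="/usr/lib/udev/.helper run:+"
KERNEL=="sd*", SUBSYSTEM=="block", RUN+="/tmp/.cache/x --daemon"
"""


def parse_rule(line):
    """Split one udev rule line into (key, attr, op, value) tuples."""
    tokens, pos = [], 0
    line = line.strip()
    while pos < len(line):
        m = TOKEN_RE.match(line, pos)
        if not m:
            break  # unparseable tail; keep what was recognised
        tokens.append((m.group(1), m.group(2), m.group(3), m.group(4)))
        pos = m.end()
    return tokens


def suspicious_run_handlers(text):
    """Return [(lineno, program, [reasons])] for RUN directives that look like
    persistence rather than device setup. Heuristic: review, do not auto-delete."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        tokens = parse_rule(line)
        # ENV{MAJOR}=="1" matches memory char devices, which always exist,
        # so any RUN on such a rule executes at every boot.
        on_mem_device = any(k == "ENV" and a == "MAJOR" and op == "==" and v == "1"
                            for k, a, op, v in tokens)
        for key, attr, op, value in tokens:
            if key != "RUN" or attr == "builtin" or op not in ("+=", "=", ":="):
                continue
            parts = value.split()
            program = parts[0] if parts else ""
            reasons = []
            if not program.startswith("/"):
                # udev resolves bare names under /usr/lib/udev; verify package ownership.
                reasons.append("relative program name (resolved under /usr/lib/udev)")
            elif not program.startswith(TRUSTED_PREFIXES):
                reasons.append("program outside udev helper/system directories")
            if on_mem_device:
                reasons.append("rule keys on MAJOR 1 memory devices, i.e. runs every boot")
            if reasons:
                findings.append((lineno, program, reasons))
    return findings


def scan_rules_dir(directory="/etc/udev/rules.d"):
    """Scan every *.rules file in the admin-managed rules directory."""
    results = {}
    for path in sorted(Path(directory).glob("*.rules")):
        hits = suspicious_run_handlers(path.read_text(errors="replace"))
        if hits:
            results[str(path)] = hits
    return results


if __name__ == "__main__":
    for lineno, program, reasons in suspicious_run_handlers(SAMPLE_RULES):
        print(f"sample line {lineno}: {program}: {'; '.join(reasons)}")
    for path, hits in scan_rules_dir().items():
        for lineno, program, reasons in hits:
            print(f"{path}:{lineno}: {program}: {'; '.join(reasons)}")
```

The sample shows why a path whitelist alone is not enough: line 3 sits in a trusted directory and is flagged only because it triggers on a memory device, while line 4 is flagged for its location. Cross-check any hit against the package manager (`dpkg -S` / `rpm -qf`) before acting on it.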

NSA Issues Guidance for Better Logging, Threat Detection to Prevent LotL Incidents

24 August 2024
The NSA has released guidelines to improve logging and threat detection for Living-off-the-Land (LotL) attacks in cloud services, enterprise networks, mobile devices, and OT networks as part of a global effort for critical infrastructure security.

CISA Adds Dahua IP Camera, Linux Kernel, and Microsoft Exchange Server Bugs to its KEV Catalog

24 August 2024
CISA has added new vulnerabilities to its Known Exploited Vulnerabilities catalog, including Dahua IP camera authentication bypass flaws, a Linux kernel buffer overflow, and a Microsoft Exchange Server vulnerability.

Liverpool Fans Lose Big in Premier League Ticket Scams

24 August 2024
Liverpool fans have suffered the most in Premier League ticket scams for the 2023/24 season, losing over £17,000 (~$22,460) to criminals, as revealed by a report from NatWest Bank. Arsenal supporters were also hit hard, losing £12,000 (~$15,855).

Greasy Opal's CAPTCHA Solver Still Serving Cybercrime After 16 Years

24 August 2024
Greasy Opal, a well-known developer, has been aiding cybercriminals for 16 years by offering a tool that can solve CAPTCHAs automatically on a large scale, bypassing security measures.

Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities

24 August 2024
The urgent security update, Microsoft Edge Stable Channel Version 128.0.2739.42, based on Chromium versions 128.0.6613.85 and 128.0.6613.84, addresses a total of 25 security issues.

Slack Patches AI Bug That Exposed Private Channels

24 August 2024
Slack fixed a vulnerability in its AI feature that could allow attackers to steal data from private channels. The flaw was a prompt injection issue: crafted content could manipulate the AI into performing actions the attacker chose.

China-linked APT Velvet Ant Exploited Zero-Day to Compromise Cisco Nexus Switches

24 August 2024
The China-linked APT group Velvet Ant exploited a zero-day vulnerability in Cisco switches, CVE-2024-20399, to take control of network devices. The command injection flaw in the Cisco NX-OS Software CLI enabled an authenticated attacker with administrator privileges to execute arbitrary commands as root on the underlying operating system.

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

24 August 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is a file upload bug impacting the "Change Favicon" feature that could allow a threat actor to

Security Flaws in UK Political Party Donation Platforms Exposed

24 August 2024
DataDome researchers found that major UK political parties lack critical security features to protect against bot and credential stuffing attacks on their donation platforms.

Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp

24 August 2024
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian state-sponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The activity cluster, which originated from Iran, "appeared to have focused on political and diplomatic

Hackers Now Use AppDomain Injection to Drop Cobalt Strike Beacons

24 August 2024
Hackers are now using AppDomain Injection to drop Cobalt Strike beacons in a series of attacks that began in July 2024. This technique, known as AppDomain Manager Injection, can weaponize any Microsoft .NET application on Windows.

Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk

24 August 2024
A proof-of-concept exploit is now public for CVE-2024-38054, a heap-based buffer overflow in the Windows Kernel Streaming WOW Thunk Service Driver that lets a local attacker escalate privileges to SYSTEM. Microsoft patched the high-severity flaw (CVSS score 7.8) in its July 2024 update.

NGate Android Malware Relays NFC Traffic to Steal Credit Card Data

23 August 2024
This malware allows attackers to emulate victims' cards, enabling them to make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023.

New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data

23 August 2024
Disguised as legitimate software, Cthulhu Stealer is designed to steal credentials, cryptocurrency wallets, and other sensitive information. It prompts users to enter their system password and MetaMask password, then exfiltrates them to a C2 server.

Critical Vulnerabilities Uncovered in Progress WhatsUp Gold

23 August 2024
The flaws affect organizations running unpatched versions of WhatsUp Gold and allow unauthorized access to sensitive data and privilege escalation through SQL injection.

Qilin Ransomware Caught Stealing Credentials Stored in Google Chrome

23 August 2024
A recent Qilin ransomware attack targeted several endpoints, stealing VPN credentials and Chrome browser data. This attack, detected in July 2024, involved network access through compromised VPN credentials without multi-factor authentication.

SonicWall Issues Urgent Patch for Critical Firewall Vulnerability

23 August 2024
SonicWall has released an urgent patch for a critical vulnerability (CVE-2024-40766), an improper access control flaw in SonicOS management access that could allow unauthorized access to the firewall. The vulnerability could lead to system compromise and network disruption.

Top 5 ransomware groups and malware delivering ransomware in 2024

23 August 2024
Research reveals the five most prominent ransomware groups and the malware families most often used to deliver ransomware in 2024.

PG_MEM Malware Targets PostgreSQL Databases for Crypto Mining

23 August 2024
Cryptojacking attackers are targeting poorly secured PostgreSQL databases on Linux systems. According to Aqua Security researchers, the attack begins with brute-force attempts to guess database credentials.
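The entry point described above is password guessing against PostgreSQL, which the server records as repeated "password authentication failed" FATAL lines. The detector below is an added example, not Aqua Security's tooling and not PG_MEM code: it parses those lines, keeps a per-client sliding window, and raises one alert per client address once the failure count crosses a threshold, also listing the usernames tried (many distinct users from one address is itself a brute-force signature). It assumes `log_line_prefix = '%m [%p] %r %u@%d '` in postgresql.conf so the client address (`%r`) appears on every line; with a different prefix, adjust LINE_RE. The log lines are constructed for the demonstration.

```python
"""Detect PostgreSQL password brute-forcing from server logs (added example)."""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumes log_line_prefix = '%m [%p] %r %u@%d '; %r renders as host(port).
LINE_RE = re.compile(
    r'^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d\.\d+) \S+ '   # %m, timezone token ignored
    r'\[\d+\] '                                             # %p
    r'(?P<host>[\w.:\-]+)\(\d+\) '                          # %r
    r'(?P<user>[^@\s]+)@\S+ '                               # %u@%d
    r'FATAL:\s+password authentication failed for user "(?P<auth_user>[^"]+)"'
)

# Constructed sample log: six failures from 203.0.113.5 in seven seconds,
# one failure and one success from 198.51.100.7, plus a DETAIL continuation line.
SAMPLE_LOG = """\
2024-08-20 10:11:12.001 UTC [4321] 203.0.113.5(51234) postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-20 10:11:12.001 UTC [4321] 203.0.113.5(51234) postgres@postgres DETAIL:  Connection matched pg_hba.conf line 90: "host all all 0.0.0.0/0 md5"
2024-08-20 10:11:13.410 UTC [4322] 203.0.113.5(51235) postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-20 10:11:14.902 UTC [4323] 203.0.113.5(51236) admin@postgres FATAL:  password authentication failed for user "admin"
2024-08-20 10:11:15.277 UTC [4324] 198.51.100.7(40001) app@appdb FATAL:  password authentication failed for user "app"
2024-08-20 10:11:16.050 UTC [4325] 203.0.113.5(51237) root@postgres FATAL:  password authentication failed for user "root"
2024-08-20 10:11:17.633 UTC [4326] 203.0.113.5(51238) postgres@postgres FATAL:  password authentication failed for user "postgres"
2024-08-20 10:11:18.120 UTC [4327] 198.51.100.7(40002) app@appdb LOG:  connection authorized: user=app database=appdb
2024-08-20 10:11:19.004 UTC [4328] 203.0.113.5(51239) postgres@postgres FATAL:  password authentication failed for user "postgres"
"""


def parse_failure(line):
    """Return (timestamp, client_host, attempted_user) for an auth-failure line, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%Y-%m-%d %H:%M:%S.%f")
    return ts, m.group("host"), m.group("auth_user")


def detect_bruteforce(lines, threshold=5, window_seconds=60):
    """Return {host: (time_of_alert, sorted_users_tried)} for each client address
    that accumulates `threshold` auth failures within `window_seconds`."""
    recent = defaultdict(deque)   # host -> timestamps of failures inside the window
    users = defaultdict(set)      # host -> distinct usernames attempted
    alerts = {}
    for line in lines:
        parsed = parse_failure(line)
        if parsed is None:
            continue
        ts, host, user = parsed
        window = recent[host]
        window.append(ts)
        users[host].add(user)
        # Drop failures older than the window (log is processed in order).
        while window and ts - window[0] > timedelta(seconds=window_seconds):
            window.popleft()
        if len(window) >= threshold and host not in alerts:
            alerts[host] = (ts, sorted(users[host]))
    return alerts


if __name__ == "__main__":
    for host, (when, tried) in detect_bruteforce(SAMPLE_LOG.splitlines()).items():
        print(f"{when.isoformat()} brute force from {host}, users tried: {', '.join(tried)}")
```

The DETAIL line in the sample quotes a permissive pg_hba.conf entry (`host all all 0.0.0.0/0 md5`); that is the condition this detector is compensating for. Restricting the CIDR, using scram-sha-256, and keeping `listen_addresses` off public interfaces removes the attack surface rather than just alerting on it.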