Latest Cybersecurity News and Articles


Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group

23 August 2024
A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S. for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021. Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was arrested in Georgia in December 2023 and has since been extradited to

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide

22 August 2024
Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was released by Shanghai Fudan Microelectronics in 2020. "The FM11RF08S backdoor enables any

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

22 August 2024
SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data," the company

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

22 August 2024
Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control

Manufacturing is the most targeted sector by cyber criminals

22 August 2024
A new report details the top threat trends observed in the first half of 2024, including the most targeted industries. 

New 'ALBeast' Vulnerability Exposes Weakness in AWS Application Load Balancer

22 August 2024
As many as 15,000 applications using Amazon Web Services' (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could allow attackers to sidestep access controls and compromise the applications. That's according to findings from Israeli cybersecurity company Miggo, which dubbed the problem ALBeast. "This vulnerability allows attackers to

8 vulnerabilities found in macOS operating system Microsoft apps

22 August 2024
Researchers discovered 8 vulnerabilities in Microsoft apps for the macOS operating system, and security leaders are sharing their insights.

45% of tech leaders have experienced a SaaS cybersecurity incident

22 August 2024
A report found that 78% of technology leaders are concerned about security threats in Software-as-a-Service for application and software development.

Ingress-NGINX Annotation Validation Bypass Flaw (CVE-2024-7646) Allows Command Injection

22 August 2024
The vulnerability allows attackers to inject malicious content into annotations, leading to arbitrary command injection and potential access to controller credentials, enabling full access to cluster secrets.

Google Fixes Ninth Chrome Zero-Day Exploited in Attacks This Year

22 August 2024
Google released an emergency security update to fix the ninth zero-day vulnerability exploited in attacks this year. The vulnerability, known as CVE-2024-7971, involves a type confusion weakness in Chrome's V8 JavaScript engine.

Critical Flaw in LiteSpeed Cache Plugin Actively Exploited: Over 30,000 Attacks Blocked in 24 Hours

22 August 2024
The widely used LiteSpeed Cache plugin for WordPress is being actively exploited through a critical security vulnerability, CVE-2024-28000, with over 30,000 attack attempts blocked in just 24 hours.

The Facts About Continuous Penetration Testing and Why It’s Important

22 August 2024
What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves continuous, automated penetration testing of an organization's digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an

MegaMedusa, RipperSec’s Public Web DDoS Attack Tool

22 August 2024
RipperSec, a pro-Palestinian hacktivist group based in Malaysia, has released MegaMedusa, a publicly available Web DDoS attack tool that simplifies launching large-scale DDoS attacks.

Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild

22 August 2024
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap

Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access

22 August 2024
Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. "The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and

GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges

22 August 2024
GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5. "On GitHub Enterprise Server instances that use SAML single sign-on (SSO)

New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining

22 August 2024
Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing its way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report. "

Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data

21 August 2024
Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack. "An authenticated attacker can bypass Server-Side Request

New research: Malicious actors are imitating tech companies

21 August 2024
New research reveals that malicious actors are imitating tech companies in an effort to compromise corporate systems.

North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign

21 August 2024
A new remote access trojan called MoonPeak has been discovered in use by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlap with a known nation-state actor codenamed Kimsuky. MoonPeak, under active development