Latest Cybersecurity News and Articles


Critical 1Password Flaws May Allow Hackers to Snatch Users' Passwords

12 August 2024
The first vulnerability, CVE-2024-42219, allows bypassing inter-process communication protections and impersonation of trusted 1Password integrations. The second, CVE-2024-42218, lets attackers bypass security mechanisms using outdated app versions.

Shorter TLS Certificate Lifespans Expected to Complicate Management Efforts

12 August 2024
Shorter TLS certificate lifespans are expected to create challenges for management efforts, with 76% of security leaders acknowledging the need to transition to shorter lifespans for increased security, according to Venafi.

Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users

12 August 2024
The vulnerabilities affect devices before the Sonos S2 release 15.9 and Sonos S1 release 11.12. These flaws could be exploited to compromise devices over the air and capture audio covertly.

CrowdStrike Pursuing Deal to Buy Patch Management Specialist Action1

12 August 2024
CrowdStrike is looking to acquire patch management specialist Action1 in a deal worth nearly $1 billion. Action1's Co-Founder and CEO confirmed the discussions with CrowdStrike employees in a memo.

Microsoft Found OpenVPN Bugs That can be Chained to Achieve RCE and LPE

12 August 2024
The vulnerabilities affect all versions of OpenVPN prior to 2.6.10 and 2.5.10. Attackers could gain full control over targeted endpoints by exploiting these vulnerabilities.

How Phishing Attacks Adapt Quickly to Capitalize on Current Events

12 August 2024
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails

SaaS Apps Present an Abbreviated Kill Chain for Attackers

12 August 2024
Researchers at AppOmni revealed that adversaries no longer need to complete all seven stages of a traditional kill chain to achieve their goals. This shift requires organizations to rethink their cybersecurity strategies.

Earth Baku’s Latest Campaign Expands its Reach to Europe, the Middle East, and Africa

12 August 2024
Earth Baku has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. They are now targeting countries like Italy, Germany, UAE, and Qatar, with suspected activities in Georgia and Romania.

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems

12 August 2024
Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. "If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing

The AI Hangover is Here – The End of the Beginning

12 August 2024
After a good year of sustained exuberance, the hangover is finally here. It’s a gentle one (for now), as the market corrects the share price of the major players (like Nvidia, Microsoft, and Google), while other players reassess the market and adjust priorities. Gartner calls it the trough of disillusionment, when interest wanes and implementations fail to deliver the promised breakthroughs.

SSHamble: Open-Source Security Testing of SSH Services

12 August 2024
RunZero recently released SSHamble, an open-source tool for testing the security of SSH services. This tool helps security teams detect dangerous misconfigurations and software bugs in SSH implementations.

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability

12 August 2024
The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity. "A signal handler in sshd(8) may call a logging function

Update: Exploit Released for Cisco SSM Bug Allowing Admin Password Changes

12 August 2024
The vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user's password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release.

How Network Segmentation can Strengthen Visibility in OT Networks

12 August 2024
Gaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict.

Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site

12 August 2024
The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.

Nearly 200 Firms Have Signed Pledge to Build More Secure Software, Top Cyber Official Says

12 August 2024
The initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features.

Analysis of Data Exfiltration Tools Used by Threat Actors

12 August 2024
A comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors.

Vulnerabilities in Solar Power Management Platform can Lead to Blackouts

12 August 2024
Researchers discovered that a solar grid responsible for 20% of the world's solar power output, enough to power the entire United States, is at risk of being hijacked due to vulnerabilities in PV plant management platforms.

Botnet 7777: Are You Betting on a Compromised Router?

12 August 2024
Recent findings indicate that the 7777 botnet (aka Quad7) has likely expanded, adding new bots with open port 63256, primarily including Asus routers. As of August 5, 2024, the total number of active bots stood at 12,783.

New Widespread Extension Trojan Malware Campaign

12 August 2024
The malware attack flow involves luring users with fake websites imitating popular downloads, then executing PowerShell scripts to download and install malicious extensions that steal private data and control browser settings.