Latest Cybersecurity News and Articles
19 July 2024
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike.
"CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted. This is
19 July 2024
Most of the SEC civil fraud case against SolarWinds was dismissed by a U.S. District Court judge, but key allegations related to misleading investors about cybersecurity practices leading up to the 2020 Sunburst hack remain.
19 July 2024
Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world.
The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario.
Astamirov was arrested in Arizona by U.S. law
19 July 2024
The Revolver Rabbit cybercriminal gang has registered over 500,000 domain names for infostealer campaigns targeting Windows and macOS systems. They utilize registered domain generation algorithms (RDGAs) to rapidly register multiple domains at once.
19 July 2024
Grype is an open-source vulnerability scanner for container images and filesystems that works with Syft to detect vulnerabilities in major operating system and language-specific packages like Alpine, Debian, Ruby, Java, Python, and more.
19 July 2024
The malware's driver was signed by Microsoft but attributed to a suspicious Chinese company, Hubei Dunwang Network Technology Co., Ltd. The company exploited Microsoft's driver code-signing requirements to obtain an Extended Verification certificate.
19 July 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has appointed new leaders to its cybersecurity division and stakeholder engagement role to enhance national cyber defenses and foster collaboration between the public and private sectors.
19 July 2024
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.
In the current cyber threat landscape, the protection of personal and corporate identities has become vital.
19 July 2024
By configuring multiple RDP sessions with RDPWrapper and using Tailscale for secure network connections, attackers can maintain access and exfiltrate sensitive data discreetly.
19 July 2024
This new capability combines DNS-based Authentication of Named Entities (DANE) for SMTP and Domain Name System Security Extensions (DNSSEC) to protect against downgrade and man-in-the-middle attacks.
19 July 2024
Security researchers discovered vulnerabilities in SAP AI Core that allowed attackers to execute arbitrary code, access sensitive data and cloud credentials, and manipulate internal artifacts.
19 July 2024
Cyberattacks on Israeli organizations have more than doubled since the October 7 terrorist attack, with politically-motivated groups like hackers affiliated with Iran and Hezbollah, along with hacktivists, being the main drivers behind these attacks.
19 July 2024
A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information.
These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said.
Targets of the ongoing campaign
19 July 2024
As per the Cyware survey, 91% of respondents recognize the significance of collaboration in cybersecurity, but many struggle to effectively combine insights across teams and platforms.
19 July 2024
Cisco has addressed a critical vulnerability that allows attackers to add new users with root privileges and crash Security Email Gateway (SEG) appliances by sending emails with malicious attachments.
19 July 2024
Event Overview
The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager.
Key Speakers and Their
19 July 2024
The vulnerabilities (CVE-2024-23469, CVE-2024-23466, CVE-2024-23467, CVE-2024-28074, CVE-2024-23471, and CVE-2024-23470) were all rated with severity scores of 9.6/10 and posed risks of unauthorized actions and information disclosure.
19 July 2024
With over 150 organizations in 25 countries affected, Qilin's sophisticated tactics include exploiting vulnerabilities, using tools like Mimikatz for privilege escalation, and evading defenses by deleting logs and using PowerShell commands.
19 July 2024
Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group.
"APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since
19 July 2024
SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code.
Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining four weaknesses have been rated High in severity, with each of them having a CVSS