The Department of Defense (DoD) Cyber Crime Center (DC3) recently announced a significant milestone in its cybersecurity efforts. The processing of over 50,000 vulnerability reports since the inception of its Vulnerability Disclosure Program (VDP) in November 2016. This program, a pioneering initiative in the federal government, was established following the “Hack the Pentagon” bug … [Read more...]
Networking Giant Cisco Finalizes Splunk Acquisition in Landmark $28 Billion Deal
Cisco has officially completed its acquisition of Splunk for a staggering $28 billion. This strategic acquisition marks a milestone in Cisco’s journey. It promises to revolutionize how organizations leverage data to connect and protect every aspect of their operations. The merger is poised to empower businesses to navigate the complexities of the digital era with enhanced security, … [Read more...]
87% of UK Organisations are Vulnerable to Cyberattacks : Microsoft AI Research
In a groundbreaking report released by Microsoft, in collaboration with Dr. Chris Brauer of Goldsmiths, University of London, an alarming 87% of UK organizations have been identified as vulnerable to cyberattacks, highlighting a critical juncture in the nation’s cybersecurity and AI ambitions. The study, titled “Mission Critical: Unlocking the UK AI Opportunity Through Cybersecurity,” … [Read more...]
WARNING: Hackers’ New Favorite Tool – Weaponized SVG Files!
Threat actors use SVG files in cyber-attacks because SVGs (Scalable Vector Graphic files) can contain embedded scripts, making them a vector for executing malicious code. Not only that even the SVG files can also bypass certain security measures as well due to their ability to blend in with legitimate web content. Recently, cybersecurity researchers at Cofense discovered that hackers … [Read more...]
LockBit Ransomware is Back From the Dead : Is Your SOC/DFIR Team Prepared?
Law enforcement disrupted LockBit ransomware operations in February, seizing infrastructure and their website. Regretfully, the victory appears to have been temporary. The gang’s leading members were not detained, and Operation Cronos’s defeat was only temporary since the group bounced back in a matter of days. A surge in LockBit activity days after the takedown indicated renewed attacks … [Read more...]
Chinese APT Hackers Exploits Government Web & Exchange Servers
A new Advanced Persistent Threat (APT) campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe. This campaign, active since early 2022, has been linked to a China-nexus threat actor, previously identified as Earth Lusca. Despite similarities, Earth Krahang operates with distinct infrastructure and employs unique backdoors, suggesting it’s a … [Read more...]
Critical Zoom Clients Flaw Let Attackers Escalate Privileges
A vulnerability classified as improper input validation was found in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows that could potentially allow an authenticated attacker to gain access to sensitive information on the system through the network. Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows … [Read more...]
What is CNAPP ? How It Benefits for Multi-Cloud & Hybrid Infrastructure Protection
Multi-cloud and hybrid infrastructures are becoming the norm among enterprises nowadays. Around 9 in 10 companies use a multi-cloud strategy, while 8 in 10 adopt a hybrid. This is not surprising, given the many advantages, including vendor independence, simplified management, and enhanced efficiency. However, maintaining multiple clouds and hybrid systems can be challenging, especially … [Read more...]
Korenix JetlO 6550 Vulnerability Lets Attackers Gain Unauthorized Access
Researchers at Hadess have identified a critical vulnerability in the widely-used Korenix JetlO industrial Ethernet switch series. The flaw tracked as CVE-2024-2371 could allow attackers to gain unauthorized access to sensitive data within critical infrastructure and industrial control systems (ICS). The vulnerability is rooted in the handling of the Simple Network Management Protocol … [Read more...]
Beware of Fake Chrome Update that Installs Cerberus Banking Malware
A new threat looms over Android users, masquerading as a routine Chrome update. This deceptive tactic breaches trust and directly assaults personal security, installing the notorious Cerberus banking malware onto unsuspecting devices. Here’s what you need to know about this alarming development and how to protect yourself. The Lure of the Fake Update Fake updates are a longstanding … [Read more...]
Fujitsu Hacked – Attackers Stolen Personal Information
Fujitsu has announced the discovery of malware on several of its business computers, raising concerns over the potential leak of files containing personal and customer information. The incident, disclosed on March 15, 2024, underscores the growing threats to corporate data security and the importance of robust cybersecurity measures. The Discovery Of Malware Fujitsu’s internal … [Read more...]
Malware Alert! Hackers Attacking Indian Android users With Malware-as-a-Service
A new malware campaign has been identified targeting Android users in India. This sophisticated attack distributes malicious APK packages to compromise personal and financial information. The malware, available as a Malware-as-a-Service (MaaS) offering, underscores the evolving threat landscape in the digital age. Symantec, a global leader in cybersecurity, has stepped up to protect users … [Read more...]
Cyber Security News Weekly Round-Up : Cyber Attacks, Vulnerabilities, Threats & New Cyber Stories
With our weekly cybersecurity news summary, explore and learn about the most recent developments in the cybersecurity field. This practice will allow you to remain up-to-date on the newest developments, weaknesses, groundbreaking progress, hacking incidents, potential dangers, and fresh narratives occurring within the relevant field or industry. Doing so will help you avoid … [Read more...]
Chinese Attackers Hack American Businesses Digital Locks To Steal Sensitive Data
United States Senator Ron Wyden warned and notified the Director of the National Counterintelligence and Security Center (NCSC), Michael C. Casey, that Chinese hackers are actively backdooring digital locks to steal sensitive data. As a result, Hackers target and backdoor the digital locks to gain unauthorized access to sensitive information and resources. Backdooring allows hackers to … [Read more...]
Google Chrome To Roll Out Real-Time URL Protection For Malware & Phishing Attack
Google Chrome has been protecting users from malicious websites and files with Safe Browsing, which maintains a locally-stored list updated every 30-60 minutes. It is becoming insufficient as unsafe sites can emerge and disappear within 10 minutes. To address it, Chrome is introducing a new version of Safe Browsing that provides real-time URL protection without compromising user … [Read more...]
How to Set Up a Network Research Laboratory for Malware Analysis (SOC & DFIR Teams)
To analyze a security vulnerability (CVE-2024-21413) in Outlook, a controlled environment can be set up using a virtual machine (ANY.RUN) within a local virtual private network (VPN). Researchers can learn more about the exploit by making a proof-of-concept (PoC) and testing its functionality in a separate environment. During the PoC execution, tools like Impacket can be used … [Read more...]
Hackers Deliver FakeBat Malware via MSIX Installer Files
Cybercriminals have been distributing a new strain of malware, dubbed FakeBat, by exploiting the trust in MSIX installer files. This alarming trend has raised concerns as it involves masquerading as legitimate software applications, including popular productivity tools like Notion, Trello, Braavos, and OneNote. The Lure of Legitimacy The attackers have cleverly designed their campaign to … [Read more...]
Hackers Unveiled Notorious Android Brata RAT Tool Features
A threat actor recently shared details about the Brata RAT (Remote Administration Tool) Program online. This advanced Android remote management software raises alarms due to its extensive capabilities, which could be exploited for malicious purposes. Advanced Evasion Techniques The Brata RAT Program boasts various features designed to evade detection and maintain persistence on infected … [Read more...]
Hackers Abuse Venmo Payment Service to Steal Login Details
Venmo, a mobile payment service owned by PayPal, has become a household name in the United States. It facilitates a convenient way for friends to exchange money and for businesses to transact with customers. With significant year-over-year growth, Venmo reported a total payment value of $68 billion in Q3 of 2023, according to Statista, ranking it among the top three payment brands in the U.S. … [Read more...]
Cisco Released IOS XR Software Security Advisory
Cisco Systems, Inc., announced the release of its semiannual security advisory bundle, which addresses critical vulnerabilities in its IOS XR Software. This publication is part of Cisco’s commitment to transparency and continuous improvement in cybersecurity. It aligns with their scheduled advisory releases on the second Wednesday of March and September each year. Cisco’s decision to release … [Read more...]
- « Previous Page
- 1
- …
- 12
- 13
- 14
- 15
- 16
- …
- 81
- Next Page »