Since early 2023, Akira ransomware has claimed over 250 victims worldwide and received more than $42 million in ransom payments, according to CISA, the FBI, Europol, and the Netherlands’ National Cyber Security Centre (NCSC-NL). Akira ransomware operators have been observed targeting organizations in various industries, including services and goods, manufacturing, education, construction, critical …
Frontier Communications Shuts Down Systems Following Cyberattack
Telecommunications giant Frontier Communications on Thursday informed the Securities and Exchange Commission (SEC) that certain systems were shut down following a cyberattack. The incident, the company said in a regulatory filing with the SEC, was identified on April 14, when a third-party “gained unauthorized access to portions of its information technology environment”. Frontier said it …
OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining
Cybercriminals are exploiting several critical OpenMetadata vulnerabilities to gain access to Kubernetes environments and deploy cryptocurrency mining malware, Microsoft warned this week. OpenMetadata is an open source metadata store that can be used for data discovery, cataloging and collaboration. On March 15, OpenMetadata users were informed about the existence of five vulnerabilities, …
SAP Applications Increasingly in Attacker Crosshairs, Report Shows
Malicious hackers are showing an alarmingly increased interest in compromising SAP applications and data at targeted organizations, according to a new report from Onapsis and Flashpoint. This interest appears fueled by a migration of SAP applications to the cloud, and an increase in adversaries’ ability to target misconfigurations and missing security patches in both cloud and on-premises …
Multi-Data Platform SIEM Anvilogic Raises $45 Million
AI-based multi-data platform SIEM Anvilogic on Wednesday announced that it has raised $45 million in Series C funding, bringing the total raised by the company to $85 million. The funding round was led by Evolution Equity Partners, with additional investment from Cervin Ventures, Foundation Capital, G Squared, Myriad Ventures, Outpost Ventures, Point72 Ventures, and Stepstone Group. Founded in …
United Nations Agency Investigating Ransomware Attack Involving Data Theft
The United Nations Development Programme (UNDP) announced this week that it’s investigating a cyberattack that resulted in information getting compromised. In a statement, the organization said the attack targeted local IT infrastructure in UN City, the Copenhagen-based complex that houses nearly a dozen UN agencies. The UNDP said it learned on March 27 that a “data-extortion actor had …
Five Eyes Agencies Release New AI Security Guidance
Organizations looking for guidance and recommendations on deploying and operating externally developed artificial intelligence systems should check out a cybersecurity information sheet authored by government agencies from the Five Eyes countries. The joint guidance, announced this week, expands on previous work and outlines methodologies for protecting data and AI systems. While the …
Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability
Cisco on Wednesday announced patches for a high-severity Integrated Management Controller (IMC) vulnerability for which proof-of-concept (PoC) code has been published. The issue, tracked as CVE-2024-20295 (CVSS score of 8.8) and impacting the command line interface (CLI) of IMC, allows a local attacker that has read-only or higher privileges to inject arbitrary commands on the underlying operating …
180k Impacted by Data Breach at Michigan Healthcare Organization
Michigan healthcare organization Cherry Street Services (Cherry Health) has started notifying over 180,000 individuals that their personal information was compromised in a ransomware attack. The incident occurred on December 21, 2023, and resulted in the disruption of certain systems, suggesting that file-encrypting ransomware might have been involved. Cherry Health initially disclosed the attack …
Phishing Platform LabHost Shut Down by Law Enforcement
LabHost, one of the world’s largest phishing-as-a-service platforms, has been shut down by law enforcement as part of an operation involving agencies from 19 countries. According to Europol, which coordinated the years-long operation, LabHost infrastructure was compromised and the law enforcement action culminated in several surface web sites being taken down and 37 individuals being arrested …
Cisco Unveils AI-Native Enterprise Security Solution Hypershield
Cisco on Thursday unveiled Hypershield, an AI-native and cloud-native enterprise security solution that offers a wide range of capabilities. Cisco has described Hypershield as a new security architecture that it designed from the ground up with AI in mind. Hypershield is advertised as a solution that provides security for applications, devices and data across data centers, clouds and …
Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression
Kapeka is a new backdoor that may be a new addition to Russia-linked Sandworm’s malware arsenal and is possibly a backdoor successor to GreyEnergy. There is currently almost zero public knowledge of the Kapeka backdoor beyond a brief description from Microsoft published on February 14, 2024 concerning the discovery of a new backdoor it calls KnuckleTouch. Microsoft attributes the KnuckleTouch …
Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology
Tel Aviv-based startup Miggo Security has raised $7.5 million in seed funding led by YL Ventures and including Cyber Club London. Miggo is introducing a new application detection and response (ADR) technology. The internal operation of today’s complex applications is considered the biggest blind spot in corporate cybersecurity. Miggo’s new ADR is designed to do for applications what EDR does for …
Armis Acquires Silk Security for $150 Million
Cyber exposure management firm Armis on Wednesday announced that it has acquired cyber risk prioritization and remediation company Silk Security for $150 million. Armis wants to integrate Silk’s platform into its Centrix Vulnerability Prioritization and Remediation product, in order to boost its capabilities and enable security teams to get a consolidated view of security findings from a …
Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks
Threat actors are targeting multiple VPN services, web application authentication interfaces, and SSH services in mass brute-force attacks, Cisco’s Talos unit warns. As part of the observed activity, the attackers use generic usernames, as well as valid usernames for certain organizations. The attacks, however, do not appear to be focusing on a specific geographical region or industry …
Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product
IT software company Ivanti on Tuesday announced fixes for 27 vulnerabilities in its Avalanche enterprise mobile device management (MDM) product, including two critical-severity bugs leading to command execution. The two critical flaws, tracked as CVE-2024-24996 and CVE-2024-29204, are described as heap overflow issues in the WLInfoRailService and WLAvalancheService components of the MDM …
Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities
Google and Mozilla on Tuesday announced security updates that address more than 35 vulnerabilities in their browsers, including a dozen high-severity flaws. Chrome 124 was released in the stable channel with patches for 22 bugs, 13 of which were reported by external researchers. Of the externally reported flaws, three are high-severity issues. Based on the bug bounty reward handed out, the most …
Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44
Google Cloud’s Mandiant on Wednesday published a new report summarizing some of the latest activities of Russia’s notorious Sandworm group, which it has started tracking as APT44. Sandworm is one of Russia’s most well-known threat groups, being involved in operations whose goal is espionage, disruption, or disinformation. It’s known for the use of highly disruptive malware such as …
Oracle Patches 230 Vulnerabilities With April 2024 CPU
Oracle on Tuesday announced 441 new security patches as part of its April 2024 Critical Patch Update. More than 200 of them address flaws that can be exploited by remote, unauthenticated attackers. SecurityWeek has identified roughly 230 unique CVEs in Oracle’s April 2024 CPU. More than 30 security patches address critical-severity vulnerabilities. Oracle Communications received the largest number …
Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release
The recently disclosed Palo Alto Networks firewall vulnerability tracked as CVE-2024-3400 is being increasingly exploited in attacks after proof-of-concept (PoC) code has been made available. CVE-2024-3400 came to light on April 12, when Palo Alto Networks warned customers that it had become aware of attacks exploiting the zero-day. The flaw allows a remote, unauthenticated attacker to execute …