Recent security findings reveal that Progress Software’s WhatsUp Gold, a prominent enterprise network monitoring and management solution, harbors significant vulnerabilities that could lead to full system compromise. This critical flaw, designated CVE-2024-4885, poses a severe threat to the security of affected show more ...
Employee cybersecurity training programs and phishing tests are usually a good thing for cyber preparedness, but one university went way too far and wound up causing a panic. Last week, students and staff at the University of California Santa Cruz (UCSC) received an email with the subject line “Emergency show more ...
In a recent attack, a North Korean threat actor leveraged a zero-day vulnerability in Google's Chromium browser to deploy the FudModule rootkit, targeting cryptocurrency firms for financial gain. Microsoft uncovered a sophisticated cyber operation involving a North Korean threat actor exploiting a zero-day show more ...
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Department of Health and Human Services (HHS) have issued a joint advisory on a ransomware-as-a-service (RaaS) variant known as RansomHub. This new show more ...
Researchers have uncovered a new wave of activity by the Iranian state-sponsored threat actor known as Peach Sandstorm. Between April and July 2024, the group deployed a custom multi-stage backdoor called Tickler in operations targeting the satellite, communications, oil and gas, and government sectors in the United show more ...
The arrest of Pavel Durov, the founder and CEO of Telegram, on August 24, 2024, has ignited an international uproar with #FreeDurov and #OpDurov campaigns, focusing attention on the intersection of digital activism, social media governance, and freedom of speech. Durov’s apprehension, stemming from allegations that show more ...
Fota Wildlife Park, one of Ireland's premier wildlife attractions, has fallen victim to a cyberattack that has potentially compromised the personal and financial information of its visitors. The Wildlife Park, renowned for its commitment to conservation and education, is now facing a different kind of show more ...
Durex India, the local arm of the popular British condom and personal lubricants brand, has reportedly suffered a significant cyberattack that has exposed sensitive customer information online. The Durex India data breach reportedly involved a leak of sensitive customer data being accessible through an inadequately show more ...
Researchers have discovered a botnet campaign that is exploiting several vulnerabilities, including a zero-day vulnerability (CVE-2024-7029) in AVTECH closed-circuit television (CCTV) cameras that could allow for remote code execution. CVE-2024-7029 has been known for five years but has only been assigned a CVE now, show more ...
The Cybersecurity and Infrastructure Security Agency (CISA) announced the launch of its new CISA Services Portal, which includes an updated cyber incident reporting form. This move is part of CISA's ongoing efforts to enhance cyber incident reporting across the United States. As the nation's premier cyber show more ...
A sophisticated cyberespionage campaign targeting East Asian countries has been uncovered, with the APT-C-60 group exploiting a zero-day vulnerability in WPS Office to deploy the notorious SpyGlace backdoor. This incident highlights the ongoing threat posed by zero-day vulnerabilities and the importance of timely show more ...
After many years of research and testing, in mid-August 2023, the U.S. National Institute of Standards and Technology (NIST) finally introduced fully-fledged post-quantum encryption standards — FIPS 203, FIPS 204, and FIPS 205. So lets discuss them and see why they should be adopted as soon as possible. Why do we show more ...
_Borka_Kiss_Alamy.jpg)
Identity management sits with IT for good reason, but now that identity is the common denominator in every attack, it's time identity security was owned by a leader with a security background, like the CISO.
The global malware campaign (that must not be named?) is targeting organizations by impersonating tax authorities, and using custom tools like Google Sheets for command and control.
Russia's Midnight Blizzard infected Mongolian government websites to try to compromise the devices of visitors, using watering-hole tactics.
The software verification and validation efforts helps NASA improve the safety and cost-effectiveness of its mission critical software. Cybersecurity is now part of the evaluation.
A critical vulnerability, CVE-2024-42815, with a CVSS score of 9.8, has been discovered in TP-Link RE365 V1_180213 series routers, allowing for remote exploitation and potential takeover.
The domain actsblue[.]com is posing as the legitimate actblue[.]com, a platform for Democratic Party donations. The malicious site is registered anonymously with Namecheap, making it difficult to trace back to the threat actors.
The spear-phishing emails impersonate reputable companies like Periscope Holdings and R.S. Hughes, prompting victims to surrender their Microsoft credentials by clicking on a file attachment.
Key aspects of the NIS2 Directive include a focus on proactive cybersecurity measures for entities within its scope, such as risk analysis, incident handling, and supply chain security.
The PoorTry Windows driver, originally used to disable EDR solutions, has now evolved into an EDR wiper, deleting crucial files to make system restoration harder. Sophos has confirmed actual EDR wiping attacks in the wild.
California has passed a landmark bill that requires internet browsers and mobile operating systems to make it easier for consumers to opt out of sharing their private data with websites for targeted advertising.
The Department of Information and Communications Technology (DICT) is focusing on enhancing cybersecurity in the Philippines through the National CyberSecurity Plan (NCSP) 2023-2028.
Cisco is strengthening its AI security by acquiring Robust Intelligence, a startup led by a former Harvard professor. This acquisition emphasizes the importance of AI security in modern IT infrastructure.
The vulnerability, known as CVE-2024-7029, allows attackers to remotely execute commands on the compromised device. The targeted device is the AVM1203 surveillance camera from AVTECH.
The latest variant employs obfuscated PowerShell commands to download and execute malicious payloads, utilizing Windows binaries like Mshta.exe and Dllhost.exe for stealth.
APT33 used the new Tickler malware to infiltrate government and defense organizations in the US and the UAE. The group, known as Peach Sandstorm and Refined Kitten, is linked to the Iranian Revolutionary Guard Corps.
Third-party risk management is a critical issue in the wake of the CrowdStrike IT outage, revealing vulnerabilities within financial institutions related to supply chain resilience, especially in vital sectors like financial services.
More than 150 people filed complaints to the Information Commissioner’s Office (ICO) regarding the delay in responding to subject access requests (SARs) after the cyberattack in October 2021.
Over the last few years, ransomware attacks have become a major concern for schools and colleges in the US, with an average of $500,000 being lost per day due to downtime from these attacks, according to Comparitech.
Grove Group, a cybersecurity and cloud services company based in Cape Town, brings around 600 customers across 51 countries to Integrity360. This acquisition will also enhance Integrity360's security operations center (SOC) business.
The U.S. Department of State and the Secret Service are offering a reward of $2.5 million for information leading to the capture of Belarusian cybercriminal Volodymyr Kadariya, who is linked to the Angler Exploit Kit.
Cequence Security found that cyberattacks against the travel industry surge during holidays, with 91% of severe vulnerabilities in the top 10 travel and hospitality sites enabling man-in-the-middle attacks.
U.S. cybersecurity leaders are focusing on preparing for the potential risks posed by quantum cryptography tools that could threaten critical infrastructure and national security.
The FBI investigation revealed that the suspect, Daniel Rhyne, had accessed the company's systems without authorization and changed passwords for various accounts. Rhyne's actions were intended to deny the company access to its systems and data.
Google Chrome versions prior to 125.0.6422.112 V8 type confusion proof of concept exploit.
Cacti versions prior to 1.2.27 suffer from an arbitrary file write vulnerability that allows for remote code execution.
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. show more ...
Debian Linux Security Advisory 5761-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.
Debian Linux Security Advisory 5760-1 - Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.
Water Billing Management System version 1.0 suffers from a cross site request forgery that enables an arbitrary file upload.
Red Hat Security Advisory 2024-6054-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes security and bug fixes. Issues addressed include deserialization and memory exhaustion vulnerabilities.
Webpay E-Commerce version 1.0 suffers from a directory traversal vulnerability.
Red Hat Security Advisory 2024-6044-03 - Red Hat Advanced Cluster Management for Kubernetes 2.11.2 General Availability release images, which fix bugs and update container images. Issues addressed include a denial of service vulnerability.
SPIP version 4.2.6 suffers from a code execution vulnerability.
WordPress GetYourGuide Ticketing plugin version 1.0.6 suffers from a cross site scripting vulnerability.
WordPress SeatReg plugin version 1.54.0 suffers from an open redirection vulnerability.
WordPress WP Event Manager plugin version 3.1.44 suffers from a cross site scripting vulnerability.
Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27, 2024, involved packages named temp-etherscan-api, ethersscan-api, telegram-con, helmet-validate, and
A comprehensive guide authored by Dean Parsons emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats. With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking decisive action by announcing the release of its essential new strategy guide, "ICS Is the Business: Why Securing
Chinese-speaking users are the target of a "highly organized and sophisticated attack" campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. "The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks," Securonix researchers Den Iuzvyk and Tim Peck said in a new report. The
Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances. "The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints, killing competing crypto mining processes,
The most dangerous vulnerability you’ve never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. "The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to
Source: www.databreachtoday.com – Author: 1 Artificial Intelligence & Machine Learning , Government , Industry Specific Proposed Legislation Divides Tech World, AI Experts, Lawmakers Rashmi Ramesh (rashmiramesh_) • August 29, 2024 The California State Capitol building in an undated file photo show more ...
Source: www.databreachtoday.com – Author: 1 Critical Infrastructure Security , Government , Industry Specific Compliance Expert on Readiness, Compliance and Rapid Incident Reporting Anna Delaney (annamadeline) • August 29, 2024 Avani Desai, CEO, Schellman The NIS2 Directive focuses on addressing gaps show more ...
Source: www.databreachtoday.com – Author: 1 Cybercrime , Fraud Management & Cybercrime , Government Cybercriminal Group Claims to Have Published 100 Gigabytes of Agency’s Stolen Data Marianne Kolbasuk McGee (HealthInfoSec) • August 29, 2024 Image: Florida Department of Health Nearly two show more ...
Source: www.databreachtoday.com – Author: 1 Cybercrime , Fraud Management & Cybercrime , Incident & Breach Response Also: Turn in Volodymyr Kadariya, Get $2.5 Million from Uncle Sam Anviksha More (AnvikshaMore) • August 29, 2024 Every week, Information Security Media Group rounds up show more ...
