Latest Cybersecurity News and Articles
27 September 2024
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks.
The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to cloud environment, ultimately resulting in data exfiltration, credential theft, tampering, persistent
27 September 2024
Compromised email accounts from transportation and shipping companies are used to insert malicious content into email conversations. The attacks, occurring from May to July 2024, primarily delivered Lumma Stealer, StealC, or NetSupport.
27 September 2024
VLC Media Player users are urged to update their software due to the critical CVE-2024-46461 vulnerability, which could crash the program or lead to code execution by malicious actors.
27 September 2024
Multiple critical vulnerabilities in CUPS (Common Unix Printing System) have been uncovered, affecting Linux systems, BSDs, Oracle Solaris, and Google Chrome OS. These flaws can enable attackers to execute arbitrary commands through IPP URLs.
27 September 2024
Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka DarkCrystal RAT) by means of a technique known as HTML smuggling.
The development marks the first time the malware has been deployed using this method, a departure from previously observed delivery vectors such as compromised or fake websites, or phishing emails bearing PDF
27 September 2024
Nvidia Container Toolkit has critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) up to v1.16.1, allowing attackers to access the host file system, execute code, escalate privileges, and disrupt services.
27 September 2024
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation of several money laundering services that were offered to cybercriminals.
The virtual currency exchanges, Cryptex and PM2BTC, have been alleged to facilitate the laundering of cryptocurrencies possibly obtained through
27 September 2024
A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to break out of the confines of a container and gain full access to the underlying host.
The vulnerability, tracked as CVE-2024-0132, carries a CVSS score of 9.0 out of a maximum of 10.0. It has been addressed in NVIDIA Container Toolkit version v1.16.2 and
26 September 2024
Mallox, known for targeting Windows systems, has expanded its operations to Linux by using a modified version of the Kryptina ransomware, named "Mallox Linux 1.0." The ransomware utilizes the same encryption algorithm as Kryptina.
26 September 2024
Unit 42 researchers discovered a new variant of the RomCom malware family called "SnipBot," designed to target enterprise networks. It can infiltrate networks, execute remote commands, and download additional malicious software.
26 September 2024
Threat actors exploit vulnerabilities in container orchestration technologies, particularly misconfigured Docker API endpoints, to compromise containers and cloud hosts to deploy a crypto miner.
26 September 2024
A critical SQL injection vulnerability has been discovered in The Events Calendar WordPress plugin (CVE-2024-8275), affecting all versions up to 6.6.4. The vulnerability has a CVSS score of 9.8, indicating a high level of severity.
26 September 2024
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate.
"These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security
26 September 2024
The identified flaws include a local configuration account vulnerability, remote access via privileged accounts, remote account creation, remote command execution, and SNMP configuration exploitation.
26 September 2024
The United States today unveiled sanctions and indictments against the alleged proprietor of Joker's Stash, a now-defunct cybercrime store that peddled tens of millions of payment cards stolen in some of the largest data breaches of the past decade. The government also indicted a top Russian cybercriminal known as Taleon, whose cryptocurrency exchange Cryptex has evolved into one of Russia's most active money laundering networks.
26 September 2024
TeamViewer has identified critical vulnerabilities (CVE-2024-7479 and CVE-2024-7481) in its Remote Client and Remote Host products for Windows, putting users at risk with a CVSS score of 8.8.
26 September 2024
Models MSG1200, MSG2100E, MSG2200, and MSG2300 running software version 3.90 are affected. Security researcher Johannes B. Ullrich has identified two payloads used in attacks, targeting vulnerable routers.
26 September 2024
A recent threat report reveals that a minimum of 14 million patients in the U.S. have fallen victim to malware breaches in this sector.
26 September 2024
GitLab has released a security update to fix a critical vulnerability (CVE-2024-45409) in its Community Edition and Enterprise Edition platforms, affecting all self-managed installations