Latest Cybersecurity News and Articles
09 September 2024
Initially believed to only impact SonicOS management access, it has now been confirmed to affect SSLVPN on SonicWall firewalls, including by Akira ransomware affiliates targeting accounts with disabled MFA and outdated firmware versions.
09 September 2024
Designed to be more than a one-time assessment— Wing Security’s SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it’s free!
Introducing SaaS Pulse: Free Continuous SaaS Risk Management
Just like waiting for a medical issue to become critical before seeing a doctor, organizations can’t afford to overlook the constantly
09 September 2024
Despite its connection to FIN7, other threat actors have also employed PackXOR to distribute payloads like XMRig cryptominer and R77 rootkit, often in conjunction with SilentCryptoMiner.
09 September 2024
The Department of Health and Human Services' Health Sector Cybersecurity Coordination Center highlighted the ongoing discovery of vulnerabilities in Tomcat that pose a risk to organizations.
09 September 2024
Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that could result in the execution of arbitrary operating system commands.
Tracked as CVE-2024-7591 (CVSS score: 10.0), the vulnerability has been described as an improper input validation bug that results in OS command injection.
"It is possible for unauthenticated, remote
09 September 2024
Two men from Russia and Kazakhstan, Alex Khodyrev and Pavel Kublitskii, have been indicted in Tampa, Florida, for operating the Dark Web cybercriminal marketplace WWH Club.
09 September 2024
Absolute Security has acquired Syxsense, an endpoint and vulnerability management provider, to enhance its cyber resilience platform. The acquisition aims to simplify patching and remediation through automated workloads.
09 September 2024
IBM webMethods Integration Server is hit by a critical flaw (CVE-2024-45076) with a CVSS score of 9. 9, demanding urgent attention. This flaw allows authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.
09 September 2024
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent.
The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K.
The campaign makes use
09 September 2024
Red Hat has issued a critical security advisory for an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments.
09 September 2024
A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024.
Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains.
The exact initial access vector used
09 September 2024
The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155).
"These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm
07 September 2024
The BlindEagle APT group has recently targeted the Colombian insurance sector. The attack chain starts with a phishing email impersonating DIAN, the Colombian tax authority.
07 September 2024
A critical Remote Code Execution (RCE) flaw, CVE-2024-40711, with a CVSS score of 9. 8 has been discovered in Veeam Backup & Replication, allowing unauthorized attackers to take full control over systems.
07 September 2024
Apache has addressed a critical remote code execution vulnerability in its OFBiz software, which could allow attackers to run malicious code on Linux and Windows servers. OFBiz is a CRM and ERP suite that serves as a Java-based web framework.
07 September 2024
Fog, a variant of STOP/DJVU family, targets various sectors, exploiting VPN vulnerabilities to infiltrate network defenses. After infiltration, Fog ransomware disables protective measures, encrypts vital files, and demands ransom via the Tor network.
07 September 2024
Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation.
These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the Web3 sector.
"After an initial chat conversation, the attacker sent a ZIP file that contained
07 September 2024
Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information.
Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged with conspiracy to commit access device fraud and conspiracy to commit wire
07 September 2024
DarkCracks isn’t your typical malware campaign—it’s a sophisticated Launcher designed for long-term exploitation. It deploys malicious payloads through public websites, like school portals and booking systems, to infect unsuspecting users.
07 September 2024
The Penpie DeFi platform recently reported a $27 million cryptocurrency theft to the FBI and Singapore police. Hackers targeted the protocol, stealing ethereum and prompting Penpie to halt withdrawals and deposits.