Latest Cybersecurity News and Articles
13 December 2024
Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform.
Their bi-annual “You Did What with Tines?!” competition highlights some of the most interesting workflows submitted by their
13 December 2024
70% of respondents believe incidents of CISOs being held liable for cybersecurity events has negatively influenced their perception of the role.
13 December 2024
Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection.
"PUMAKIT is a sophisticated loadable kernel module (LKM) rootkit that employs advanced stealth mechanisms to hide its presence and maintain communication with
13 December 2024
The U.S. Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox ("rydox.ru" and "rydox[.]cc") for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud.
In tandem, three Kosovo nationals and administrators of the service, Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli, have been arrested. Ardit
12 December 2024
Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks.
"Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and API
12 December 2024
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns.
"BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both
12 December 2024
Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information.
The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved
12 December 2024
SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year, it’s no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient SaaS utilization can significantly affect both the bottom line and employee productivity.
In this article, we’ll break down this topic
12 December 2024
Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a variety of attacks.
The flaw, tracked as CVE-2024-11972 (CVSS score: 9.8), affects all versions of the plugin prior to 1.9.0. The plugin has over 10,000 active installations.
"This flaw poses a significant security risk, as it
12 December 2024
Research reveals a new cyber scam campaign targeting job seekers.
12 December 2024
A global law enforcement operation has failed 27 stresser services that were used to conduct distributed denial-of-service (DDoS) attacks and took them offline as part of a multi-year international exercise called PowerOFF.
The effort, coordinated by Europol and involving 15 countries, dismantled several booter and stresser websites, including zdstresser.net, orbitalstress.net, and
11 December 2024
A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. Meanwhile, an investigation into the Vancouver street address used by this company shows it is home to dozens of foreign currency dealers, money transfer businesses, and cryptocurrency exchanges -- none of which are physically located there.
11 December 2024
The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine.
The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom malware onto "specifically
11 December 2024
Research has revealed the 5 industries most frequently targeted with subject customization techniques.
11 December 2024
A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions.
"To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "
11 December 2024
Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account.
"The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the
11 December 2024
Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago.
"Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an interactive shell
11 December 2024
Cybersecurity researchers have discovered a novel surveillance program that's suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices.
The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform as recently as
11 December 2024
A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023.
The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat Hunter Team
11 December 2024
Two data brokers have been banned from collecting and selling the sensitive, private location data of Americans.