- + Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities—Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state a...
- + Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back—In today's rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these c...
- + Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications—Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. Thi...
- + New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data—SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business....
- + NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources—The U.S. government on Thursday published a new cybersecurity advisory warning of North Korean threat actors' attempts to send emails in a manner...
- + Google Announces Passkeys Adopted by Over 400 Million Accounts—Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion time...
- + Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks—HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote c...
- + Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw—Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could ...
- + Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million—A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ra...
- + When is One Vulnerability Scanner Not Enough?—Like antivirus software, vulnerability scans rely on a database of known weaknesses. That’s why websites like VirusTotal exist, to give cyber practiti...
- + Dropbox Discloses Breach of Digital Signature Service Affecting All Users—Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat ac...
- + New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw—A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security fl...
- + CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabi...
- + New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials—A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitori...
- + Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds—A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and mo...
- + Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers—Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays ...
- + How to Make Your Employees Your First Line of Cyber Defense—There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you...
- + Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success—There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you...
- + ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan—The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan...
- + Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia—A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer c...
- + Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years—Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious "imageless" containers o...
- + U.S. Government Releases New AI Security Guidelines for Critical Infrastructure—The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related thre...
- + Considerations for Operational Technology Cybersecurity—Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes,...
- + New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024—The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibi...
- + Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023—Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with ...
- + China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale—A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS...
- + Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM—It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolv...
- + New R Programming Vulnerability Exposes Projects to Supply Chain Attacks—A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious R...
- + Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover—Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to ...
- + Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks—Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at...
- + Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw—Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw i...
- + Bogus npm Packages Used to Trick Software Developers into Installing Malware—An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick ...
- + Severe Flaws Disclosed in Brocade SANnav SAN Management Software—Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to co...
- + 10 Critical Endpoint Security Tips You Should Know—In today's digital world, where connectivity rules all, endpoints serve as the gateway to a business’s digital kingdom. And because ...
- + New 'Brokewell' Android Malware Spread Through Fake Browser Updates—Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern ...
- + Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack—Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under...
- + Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites—Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. Th...
- + North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures—The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access troj...
- + Network Threats: A Step-by-Step Attack Demonstration—Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetec...
- + DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions—The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and...
- + Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny—Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstandin...
- + State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage—A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target...
- + U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks—The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involve...
- + Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike—Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver malware called SSLoad. The...
- + Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users—Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The fi...
- + CISO Perspectives on Complying with Cybersecurity Regulations—Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compl...
- + eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners—A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners li...
- + CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers—A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and R...
- + Apache Cordova App Harness Targeted in Dependency Confusion Attack—Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion...
- + Webinar: Learn Proactive Supply Chain Threat Hunting Techniques—In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricat...
- + Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery—Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how an...
- + Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases—European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-e...
- + German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies—German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants...
- + U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse—The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly invo...
- + Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware—The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to ...
- + ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft—The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments...
- + Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft—The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments...
- + Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation—Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, ...
- + MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws—The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure applia...
- + Ransomware Double-Dip: Re-Victimization in Cyber Extortion—Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extor...
- + Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers—New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal ...
- + Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage—Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more ...
- + New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth—A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecu...
- + Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack—Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild...
- + Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks—Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of...
- + BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool—Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part o...
- + How Attackers Can Own a Business Without Touching the Endpoint—Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers...
- + Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers—Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than ...
- + Hackers Target Middle East Governments with Evasive "CR4T" Backdoor—Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4...
- + OfflRouter Malware Evades Detection in Ukraine for Almost a Decade—Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an...
- + FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor—The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known...
- + Recover from Ransomware in 5 Minutes—We will Teach You How!—Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you det...
- + New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks—A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest ...
- + How to Conduct Advanced Static Analysis in a Malware Sandbox—Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior....
- + Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide—As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used...
- + Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes—Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them f...
- + Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor—A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backd...
- + Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks—A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, incl...
- + GenAI: A New Headache for SaaS Security Teams—The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS ...
- + Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware—Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-20...
- + Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign—Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to d...
- + Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services—Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web applicat...
- + OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt—Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently...
- + TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks—The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware ...
- + AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs—New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive cred...
- + Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack—The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.6...
- + Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats—In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud s...
- + FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations—The U.S. Federal Trade Commission (FTC) has ordered the mental telehealth company Cerebral from using or disclosing personal data for advertising purp...
- + Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown—Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan cal...
- + Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw—A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel ...
- + AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead—Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted a...
- + Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks—The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service pro...
- + Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution—To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) p...
- + Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users—Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS s...
- + Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability—Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation...
- + Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts—A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptoc...
- + U.S. Treasury Hamas Spokesperson for Cyber Influence Operations—The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his...
- + Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack—Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly thr...
- + Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files—"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings fro...
- + Code Keepers: Mastering Non-Human Identity Management—Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic a...
- + Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign—The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the...
- + Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack—Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wil...
- + Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker—Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to ev...
- + U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt ...
- + Python's PyPI Reveals Its Secrets—GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API...
- + TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer—A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as par...
- + Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks—Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users ...
- + Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability—Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code executi...
- + 'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan—An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, wit...
- + Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files—Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script F...
- + Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware—Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading ...
As of 5/5/24 2:36am. Last new 5/4/24 7:23am. Score: 301