- + Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices—A new Android trojan named Brokewell can steal users’ sensitive information and allows attackers to take over devices. The post Powerful ‘Bro...
- + Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day—More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published. The post Over 1,400 CrushFTP...
- + Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses—More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives. The post Self-Spreading PlugX USB ...
- + In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO—Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO. The post ...
- + Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo—UK cybersecurity firm Darktrace has agreed to sell itself to private equity giant Thoma Bravo for approximately $5.32 million in cash. The post Dark...
- + Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors—A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites. The post Critical WordPress ...
- + Predictive Security Startup BforeAI Raises $15 Million—Predictive attack intelligence and risk protection startup BforeAI has raised $15 million in a Series A funding round led by SYN Ventures. The post ...
- + Palo Alto Networks Shares Remediation Advice for Hacked Firewalls—Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked via CVE-2024-3400. The post Palo Alto Net...
- + Autodesk Drive Abused in Phishing Attacks —A new phishing campaign abuses compromised email accounts and targets corporate users with PDF files hosted on Autodesk Drive. The post Autodesk Dr...
- + FTC Sending $5.6 Million in Refunds to Ring Customers Over Security Failures—The FTC is sending a total of $5.6 million in refunds to over 117,000 Ring customers as a result of a 2023 settlement. The post FTC Sending $5.6 Mill...
- + Vulnerabilities Expose Brocade SAN Appliances, Switches to Hacking—The Brocade SANnav management application is affected by multiple vulnerabilities, including a publicly available root password. The post Vulnerabi...
- + Endpoint Security Firm ThreatLocker Raises $115 Million in Series D Funding—Zero trust endpoint security company ThreatLocker has announced a $115 million Series D funding round that brings the total to $240 million. The po...
- + IBM Acquiring HashiCorp for $6.4 Billion—IBM is acquiring HashiCorp for $6.4 billion for its infrastructure lifecycle management and security lifecycle management capabilities. The post IB...
- + Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI—Pope Francis has called for an international treaty to ensure AI is developed and used ethically, devoting his annual peace message this year to the t...
- + Cisco Raises Alarm for ‘ArcaneDoor’ Zero-Days Hitting ASA Firewall Platforms—Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on te...
- + KnowBe4 Plans to Acquire Egress for Email Security Tech—KnowBe4 boasts that the merger will create “the largest, advanced AI-driven cybersecurity platform for managing human risk.” The post KnowBe4 Plans...
- + Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon—As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk. The post Navigating Vendor Spe...
- + North Korean Hackers Hijack Antivirus Updates for Malware Delivery—A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners. The post North Ko...
- + Tines Bags $50 Million Funding for Security Workflow Automation—Irish startup Tines raises $50 million in new venture capital funding as investors make big bets on automation and orchestration startups. The post ...
- + Google Patches Critical Chrome Vulnerability—Google patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward. The post Google Patches Critical Chro...
- + Amplifier Security Emerges From Stealth With AI Copilot, Human-in-the-Loop Automation—Amplifier Security has raised $3.3 million in funding for a solution that includes human-in-the-loop automation and an AI copilot. The post Amplifi...
- + Nagomi Security Emerges From Stealth With $30 Million in Funding—Nagomi Security, a company that helps customers prevent threats by leveraging existing security tools, emerged from stealth with $30 million in fundin...
- + CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation—CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild. The post CISA Warns of Windows Print Sp...
- + Threat Actor Uses Multiple Infostealers in Global Campaign—A threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide. The post Threat Actor Uses ...
- + $10 Million Bounty on Iranian Hackers for Cyberattacks on US Gov, Defense Contractors—Four Iranians are accused of hacking into critical systems at the Departments of Treasury and State and dozens of private US companies. The post $1...
- + $10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors—Four Iranians are accused of hacking into critical systems at the Departments of Treasury and State and dozens of private US companies. The post $1...
- + Spain Reopens a Probe Into a Pegasus Spyware Case After a French Request to Work Together—The judge with Spain’s National Court said there is reason to believe that the new information provided by France can “allow the investigations to adv...
- + The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success—Mandiant's M-Trends 2024 report shows that defenses are improving – and that may be true. But the reality remains that these same statistics demonstra...
- + Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations —Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations. The post Russian Cyberspies Deliver...
- + UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack—UnitedHealth confirms that personal and health information was stolen in a ransomware attack that could cost the company up to $1.6 billion. The pos...
- + Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability—Palo Alto Networks firewall vulnerability CVE-2024-3400, exploited as a zero-day, impacts a Siemens industrial product. The post Siemens Industrial...
- + Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor—The LockBit ransomware gang leaks data allegedly stolen from government contractor Tyler Technologies. The post Ransomware Gang Leaks Data Allegedl...
- + Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services—Microsoft PlayReady vulnerabilities could allow rogue subscribers to illegally download movies from popular streaming services. The post Micro...
- + Research Shows How Attackers Can Abuse EDR Security Products—Vulnerabilities in Palo Alto Networks Cortex XDR allowed a security researcher to turn it into a malicious offensive tool. The post Research Shows ...
- + Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow—A hack that caused a small Texas town’s water system to overflow in January has been linked to a shadowy Russian hacktivist group, the latest case of ...
- + CrushFTP Patches Exploited Zero-Day Vulnerability—CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files. The post CrushFTP Patches...
- + Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability —Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400. The post Thousa...
- + MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days—MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability. The post MITRE Hac...
- + Cannes Hospital Cancels Medical Procedures Following Cyberattack—Cannes Hospital Centre – Simone Veil cancels medical procedures after shutting down systems in response to a cyberattack. The post Cannes Hospital ...
- + BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems—Investors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability. The post...
- + Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing—VulnCheck banks $8 million in early stage capital to build 'exploit intelligence' technologies and services. The post Threat-Intelligence Startup...
- + In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack—Noteworthy stories that might have slipped under the radar: OpenSSF and OpenJS incidents similar to XZ backdoor, Moldovan botnet operator charged, US ...
- + First Major Attempts to Regulate AI Face Headwinds From All Sides—While over 400 AI-related bills are being debated this year in statehouses nationwide, most target one industry or just a piece of the technology — su...
- + US Government Releases Guidance on Securing Election Infrastructure—New US guidance details foreign malign influence operations to help election infrastructure stakeholders increase resilience. The post US Governmen...
- + Akira Ransomware Made Over $42 Million in One Year: Agencies—Akira ransomware has hit over 250 organizations worldwide and received over $42 million in ransom payments. The post Akira Ransomware Made Over $42...
- + Frontier Communications Shuts Down Systems Following Cyberattack—Telecom giant Frontier shuts down systems to contain a cyberattack that led to personal information compromise. The post Frontier Communications Sh...
- + OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining —Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments. The post O...
- + SAP Applications Increasingly in Attacker Crosshairs, Report Shows—Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint. The post SAP Applications ...
- + Watch Now: Ransomware Resilience & Recovery Summit Sessions Now on Demand—Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organizatio...
- + Multi-Data Platform SIEM Anvilogic Raises $45 Million—Silicon Valley startup Anvilogic has raised $45 million in a Series C funding round led by Evolution Equity Partners. The post Multi-Data Platform ...
- + United Nations Agency Investigating Ransomware Attack Involving Data Theft—United Nations Development Programme (UNDP) investigating a ransomware attack in which hackers stole sensitive data. The post United Nations Agency...
- + Five Eyes Agencies Release New AI Security Guidance—Five Eyes cybersecurity agencies have released joint guidance on securely deploying and operating AI systems. The post Five Eyes Agencies Release ...
- + Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability—Cisco patches a high-severity Integrated Management Controller vulnerability for which PoC exploit code is available. The post Cisco Says PoC Explo...
- + 180k Impacted by Data Breach at Michigan Healthcare Organization—Cherry Health says the personal information of over 180,000 individuals was stolen in a ransomware attack. The post 180k Impacted by Data Breach at...
- + Phishing Platform LabHost Shut Down by Law Enforcement—LabHost, a major phishing-as-a-service platform, has been shut down as part of a major law enforcement operation. The post Phishing Platform LabHo...
- + Cisco Unveils AI-Native Enterprise Security Solution Hypershield—Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities. The post Cisco Unveils A...
- + Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression—Kapeka is a new backdoor that may be a new addition to Russia-linked Sandworm’s malware arsenal and possibly a successor to GreyEnergy. The post Kape...
- + Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology—YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology. The ...
- + Armis Acquires Silk Security for $150 Million—Armis has acquired cyber risk prioritization and remediation company Silk Security for $150 million. The post Armis Acquires Silk Security for $15...
- + Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks—Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services. The post Cisco: Multiple VP...
- + Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product—Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution. The post Ivanti...
- + Virtual Event Today: Ransomware Resilience & Recovery Summit —Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organizatio...
- + Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities—Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs. The post Chrome 124, Firefox 125 Patch H...
- + Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44—Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44. The post Recent OT and Espion...
- + Oracle Patches 230 Vulnerabilities With April 2024 CPU—Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update. The post Oracle Patches 23...
- + Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release—Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released. The post Exploitation of Palo Alt...
- + Virtual Event Tomorrow: Ransomware Resilience & Recovery Summit —Join this one-day virtual summit as we shine the spotlight on the shadowy dynamics of ransomware attacks and how you can best prepare your organizatio...
- + Critical PuTTY Vulnerability Allows Secret Key Recovery—PuTTY vulnerability CVE-2024-31497 allows attackers to compromise private keys and use them to forge signatures. The post Critical PuTTY Vulnerabi...
- + Cryptojacker Arrested, Charged for Defrauding Cloud Providers of $3.5 Million—Charles O. Parks III was arrested and charged with defrauding two cloud-services providers of $3.5 million. The post Cryptojacker Arrested, Charged...
- + Cloud Users Warned of Data Exposure Risk From Command-Line Tools—Cloud security specialists found data exposure risk associated with Azure, AWS, and Google Cloud command-line tools. The post Cloud Users Warned of...
- + Hacker Conversations: Kevin O’Connor, From Childhood Hacker to NSA Operative—Kevin O’Connor knew he was a hacker by the time he was in Middle School. He went on to work for the NSA and is now director of threat research at Adlu...
- + Ransomware Group Starts Leaking Data Allegedly Stolen From Change Healthcare—The RansomHub group has started leaking information allegedly stolen from Change Healthcare in February 2024. The post Ransomware Group Starts Leak...
- + You Against the World: The Offenders Dilemma—Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess...
- + Omni Hotels Says Personal Information Stolen in Ransomware Attack—Omni Hotels says customer information was compromised in a cyberattack claimed by the Daixin Team ransomware group. The post Omni Hotels Says Perso...
- + Delinea Scrambles to Patch Critical Flaw After Failed Responsible Disclosure Attempt—PAM company Delinea over the weekend rushed to patch a critical authentication bypass vulnerability after it apparently ignored the researcher who fou...
- + Cisco Duo Says Hack at Telephony Supplier Exposed MFA SMS Logs—Cisco Duo warns that breach exposed phone numbers, phone carriers, metadata and other logs that could lead to downstream social engineering attacks. ...
- + NightVision Raises $5.4 Million for Application Security Testing—NightVision, an early stage startup in the application security testing space, has raised $5.4 million in seed funding. The post NightVision Raises...
- + Ransomware Group Claims Theft of Data From Chipmaker Nexperia —The Dark Angels (Dunghill) ransomware group claims to have stolen 1 Tb of data from Nexperia, which is investigating the incident. The post Ransomw...
- + Juniper Networks Publishes Dozens of New Security Advisories—Juniper Networks patches dozens of vulnerabilities in Junos OS, Junos OS Evolved, and other products. The post Juniper Networks Publishes Dozens of...
- + Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure—ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure fi...
- + Two People Arrested in Australia and US for Development and Sale of Hive RAT—Authorities in Australia and the US have arrested and charged two individuals for developing and selling the Hive RAT. The post Two People Arrested...
- + Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges—Former security engineer Shakeeb Ahmed was sentenced to prison for hacking and defrauding cryptocurrency exchanges. The post Former Security Engine...
- + Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge—Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The pos...
- + Palo Alto Networks Releases Fixes for Firewall Zero-Day as First Attribution Attempts Emerge—Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The pos...
As of 4/26/24 11:48am. Last new 4/26/24 11:48am. Score: 181