Source: thehackernews.com – Author: . Jan 25, 2024NewsroomRemote Access Trojan Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called...
Day: January 25, 2024
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks – Patch ASAP! – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 25, 2024NewsroomVulnerability / Software Security The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have...
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 25, 2024NewsroomFileless Malware / Endpoint Security Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that’s distributed...
Using Google Search to Find Software Can Be Risky – Source: krebsonsecurity.com
Source: krebsonsecurity.com – Author: BrianKrebs Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of...
China-Aligned APT Group Blackwood Unleashes NSPX30 Implant – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 ESET researchers have recently unveiled a highly sophisticated implant known as NSPX30, which has been linked to a newly identified Advanced...
Government Security Vulnerabilities Surge By 151%, Report Finds – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 The government sector has witnessed the most significant growth in crowdsourced security in 2023, marking a 151% increase in vulnerability submissions...
North Korea Hacks Crypto: More Targets, Lower Gains – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 North Korea-backed threat actors hacked more crypto platforms than ever in 2023 but stole less of the digital currency in total...
Data Privacy Week: US Data Breaches Surge, 2023 Sees 78% Increase in Compromises – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Written by The number of reported data compromises in the US in 2023 increased by 78% compared to 2022, reaching 3205,...
Southern Water Confirms Data Breach Following Black Basta Claims – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 UK water supplier Southern Water has confirmed that it suffered a data breach after the Black Basta ransomware group appeared to...
Pwn2Own Contest Unearths Dozens of Zero-Day Vulnerabilities – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 Some of the world’s top ethical hackers are competing in Tokyo this week, having already found close to 40 zero-day vulnerabilities...
HPE Says SolarWinds Hackers Accessed its Emails – Source: www.infosecurity-magazine.com
Source: www.infosecurity-magazine.com – Author: 1 An infamous Russian state hacking unit compromised the cloud-based email environment of HPE and exfiltrated data from a “small percentage” of...
Privacy predictions for 2024 – Source: securelist.com
Source: securelist.com – Author: Anna Larkina, Vladislav Tushkanov, Dmitry Momotov Kaspersky Security Bulletin In our previous privacy predictions piece, we outlined trends for 2023. As expected,...
Quantum Computing Skeptics – Source: www.schneier.com
Source: www.schneier.com – Author: Bruce Schneier HomeBlog Quantum Computing Skeptics Interesting article. I am also skeptical that we are going to see useful quantum computers anytime...
Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE) – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE) Hewlett Packard Enterprise (HPE) revealed that Russia-linked APT group Midnight...
CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini CISA adds Atlassian Confluence Data Center bug to its Known Exploited Vulnerabilities catalog U.S. Cybersecurity and Infrastructure Security Agency (CISA)...
5379 GitLab servers vulnerable to zero-click account takeover attacks – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini 5379 GitLab servers vulnerable to zero-click account takeover attacks Thousands of GitLab servers are vulnerable to zero-click account takeover attacks...
Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204 – Source: securityaffairs.com
Source: securityaffairs.com – Author: Pierluigi Paganini Experts released PoC exploit for Fortra GoAnywhere MFT flaw CVE-2024-0204 Researchers released PoC exploit code for a recently disclosed critical...
Darktrace and Garland Technology Collaborate to Help Businesses Secure Operational Technology Environments – Source: www.darkreading.com
Source: www.darkreading.com – Author: PRESS RELEASE CAMBRIDGE, England, Jan. 24, 2024 /PRNewswire/ — Darktrace, a global leader in cyber security AI, and Garland Technology, a leading manufacturer of network TAP...
Peters and Braun Introduce Bipartisan Bill to Bolster Government’s Cybersecurity Capabilities – Source: www.darkreading.com
Source: www.darkreading.com – Author: PRESS RELEASE WASHINGTON, D.C. – U.S. Senators Gary Peters (D-MI), Chairman of the Homeland Security and Governmental Affairs Committee, and Mike Braun (R-IN) introduced bipartisan...
Managed Ransomware Detect & Respond (RDR) Offering From Zyston – Source: www.darkreading.com
Source: www.darkreading.com – Author: PRESS RELEASE DALLAS, Jan. 24, 2024 /PRNewswire-PRWeb/ — Zyston, a leading Managed Security Services Provider (MSSP) based in Dallas, Texas, is excited to introduce Managed Ransomware Detect...
Atlassian Tightens API After Hacker Scrapes 15M Trello Profiles – Source: www.darkreading.com
Source: www.darkreading.com – Author: Tara Seals, Managing Editor, News, Dark Reading Source: Seemanta Dutta via Alamy Stock Photo About 15 million names, usernames, and emails associated...
Nozomi Networks Delivers Multi-Spectrum Wireless Security Sensor for Global OT and IoT Environments – Source: www.darkreading.com
Source: www.darkreading.com – Author: PRESS RELEASE SAN FRANCISCO, January 24, 2024 — Nozomi Networks Inc., the leader in OT and IoT security, today introduced Guardian Air™, the industry’s only...
ChatGPT Cybercrime Discussions Spike to Nearly 3K Posts on Dark Web – Source: www.darkreading.com
Source: www.darkreading.com – Author: Kristina Beek, Associate Editor, Dark Reading 1 Min Read Source: Ascannio via Shutterstock In new findings from Kaspersky’s Digital Footprint Intelligence service,...
CISA’s Water Sector Guide Puts Incident Response Front & Center – Source: www.darkreading.com
Source: www.darkreading.com – Author: Robert Lemos, Contributing Writer Source: M Production via Shutterstock Water and wastewater utilities last week received new guidance for improving their response...
Jason’s Deli Accounts Compromised by Credential Stuffing – Source: www.darkreading.com
Source: www.darkreading.com – Author: Becky Bracken, Editor, Dark Reading Source: William Morgan via Alamy Stock Photo Texas-based soup and sandwich slinger Jason’s Deli is alerting members...
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT – Source: www.darkreading.com
Source: www.darkreading.com – Author: Jai Vijayan, Contributing Writer Source: Tanoy1412 via Shutterstock A proof-of-concept exploit is now available for a near maximum-severity flaw in Fortra’s GoAnywhere...
AI Program Poised to Advance Cybersecurity in Abu Dhabi – Source: www.darkreading.com
Source: www.darkreading.com – Author: Alicia Buller, Contributing Writer Source: Birgit Korber via Alamy Stock Photo Experts have welcomed the creation of a new artificial intelligence (AI)...
Cyber Threat Landscape: 7 Key Findings and Upcoming Trends for 2024 – Source:thehackernews.com
Source: thehackernews.com – Author: . The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats. The information combines data from the...
China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware – Source:thehackernews.com
Source: thehackernews.com – Author: . A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from...
New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits – Source:thehackernews.com
Source: thehackernews.com – Author: . Jan 25, 2024NewsroomThreat Intelligence / Malware Research A new Go-based malware loader called CherryLoader has been discovered by threat hunters in...