The Network and Information Security (NIS) 2 Directive is a major cybersecurity regulation in Europe, with EU Member States having until October 17, 2024, to comply with the increased security standards and reporting requirements. This article has been indexed from…
Category: Cyware News – Latest Cyber News
Unmasking the Overlap Between Golddigger and Gigabud Android Malware
Initially discovered in January 2023 impersonating government entities, Gigabud and Golddigger malware campaigns have overlapped, suggesting the same threat actors are behind both.
Malware-as-a-Service and Ransomware-as-a-Service Lower Barriers for Cybercriminals
Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have made it easier for cybercriminals to carry out sophisticated attacks, according to Darktrace. These subscription-based tools have lowered the barrier for less experienced attackers.
UN Cybercrime Treaty Passes in Unanimous Vote
The United Nations has unanimously passed its first cybercrime treaty, initially proposed by Russia. This treaty establishes a global legal framework for addressing cybercrime and data access.
Shorter TLS Certificate Lifespans Expected to Complicate Management Efforts
Shorter TLS certificate lifespans are expected to create challenges for management efforts, with 76% of security leaders acknowledging the need to transition to shorter lifespans for increased security, according to Venafi.
Critical 1Password Flaws May Allow Hackers to Snatch Users’ Passwords
The first vulnerability, CVE-2024-42219, allows bypassing inter-process communication protections and impersonation of trusted 1Password integrations. The second, CVE-2024-42218, lets attackers bypass security mechanisms using outdated app versions.
Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users
The vulnerabilities affect devices before the Sonos S2 release 15.9 and Sonos S1 release 11.12. These flaws could be exploited to compromise devices over the air and capture audio covertly.
CrowdStrike Pursuing Deal to Buy Patch Management Specialist Action1
CrowdStrike is looking to acquire patch management specialist Action1 in a deal worth nearly $1 billion. Action1’s Co-Founder and CEO confirmed the discussions with CrowdStrike employees in a memo.
SaaS Apps Present an Abbreviated Kill Chain for Attackers
Researchers at AppOmni revealed that adversaries no longer need to complete all seven stages of a traditional kill chain to achieve their goals. This shift requires organizations to rethink their cybersecurity strategies.
Microsoft Found OpenVPN Bugs That can be Chained to Achieve RCE and LPE
The vulnerabilities affect all versions of OpenVPN prior to 2.6.10 and 2.5.10. Attackers could gain full control over targeted endpoints by exploiting these vulnerabilities.
Earth Baku’s Latest Campaign Expands its Reach to Europe, the Middle East, and Africa
Earth Baku has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. They are now targeting countries like Italy, Germany, UAE, and Qatar, with suspected activities in Georgia and Romania.
SSHamble: Open-Source Security Testing of SSH Services
RunZero recently released SSHamble, an open-source tool for testing the security of SSH services. This tool helps security teams detect dangerous misconfigurations and software bugs in SSH implementations.
How Network Segmentation can Strengthen Visibility in OT Networks
Gaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict.
Update: Exploit Released for Cisco SSM Bug Allowing Admin Password Changes
The vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release.
Nearly 200 Firms Have Signed Pledge to Build More Secure Software, Top Cyber Official Says
The initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features.
Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site
The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.
Analysis of Data Exfiltration Tools Used by Threat Actors
A comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors.
Vulnerabilities in Solar Power Management Platform can Lead to Blackouts
Researchers discovered that a solar grid responsible for 20% of the world’s solar power output, enough to power the entire United States, is at risk of being hijacked due to vulnerabilities in PV plant management platforms.
Botnet 7777: Are You Betting on a Compromised Router?
Recent findings indicate that the 7777 botnet (aka Quad7) has likely expanded, adding new bots with open port 63256, primarily including Asus routers. As of August 5, 2024, the total number of active bots stood at 12,783.
New Malware Strains Pop Up in Threat Landscape
Quorum Cyber Incident Response team recently identified a new malware called SharpRhino utilized by the threat actor group Hunters International during a ransomware incident. The malware, written in C#, was distributed through a typosquatting domain posing as Angry IP Scanner.…