Category: Cyware News – Latest Cyber News

The US cybersecurity agency CISA has issued a warning about cyber threat actors exploiting vulnerabilities in GeoServer (CVE-2022-24816), the Linux kernel (CVE-2022-2586), and Roundcube Webmail (CVE-2020-13965). This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The US Department of Justice has indicted a 22-year-old Russian, Amin Timovich Stigal, for his alleged involvement in cyber attacks on Ukrainian government computers and critical infrastructure systems known as the “WhisperGate” attack. This article has been indexed from Cyware…

Read more →

Approximately three-quarters of companies have made investments in cyber defense in order to qualify for cyber insurance, according to a report by Sophos and Vanson Bourne. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The healthcare sector received a “B+” security rating for the first half of 2024, indicating a decent level of security. However, it faces a significant vulnerability in the form of supply chain cyber risk. This article has been indexed from…

Read more →

The California Privacy Protection Agency (CPPA) has signed a partnership agreement with France’s Commission Nationale de l’Informatique et des Libertés (CNIL) to conduct joint research and share investigative findings on data privacy issues. This article has been indexed from Cyware…

Read more →

XenoRAT is being used by North Korean hackers and other actors targeting the gaming community. It is being spread through .gg domains and a GitHub repository disguised as Roblox scripting tools. This article has been indexed from Cyware News –…

Read more →

Microsoft has discovered a new type of jailbreak attack called Skeleton Key. This technique uses a multi-turn strategy to make the model ignore its guardrails, allowing it to generate forbidden content or override its decision-making rules. This article has been…

Read more →

Researchers at Nozomi Networks uncovered four vulnerabilities in Sensor Net Connect and three flaws in the Thermoscan IP desktop application, both made by a division of French firm Proges Plus. This article has been indexed from Cyware News – Latest…

Read more →

The Vanna AI library has been found to have a vulnerability (CVE-2024-5565) that could allow for remote code execution (RCE) due to a prompt injection issue related to the Plotly script. This article has been indexed from Cyware News –…

Read more →

The vulnerability allows attackers to create administrative user accounts, modify and delete data in the application database, and potentially gain full control of vulnerable systems. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

ReversingLabs researchers discovered a suspicious package on npm called legacyreact-aws-s3-typescript. They found that the package contained a post-install script that downloaded and executed a simple backdoor. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

South Korean telco KT has been accused of purposely infecting customers with malware as a result of excessive use of peer-to-peer (P2P) downloading tools. Around 600,000 users of online storage services have reportedly been affected. This article has been indexed…

Read more →

Snowblind is effective on all modern Android devices and primarily targets banking apps. It avoids detection by modifying the app and exploiting the Linux kernel’s seccomp feature to control the app’s system calls. This article has been indexed from Cyware…

Read more →

Major secrets, including cloud environment credentials, internal infrastructures, and telemetry platforms, have been found exposed on the internet due to Git-based processes and Source Code Management (SCM) platforms behavior. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The non-profit cybersecurity organization, the Shadowserver Foundation, has observed exploitation attempts against CVE-2024-5806. They noted that the exploitation began soon after the vulnerability details were made public. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The adoption of ransomware in cyberespionage attacks helps adversaries blur the lines between APT and cybercriminal activity, leading to potential misattribution or concealing the true nature of the operation. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Siemens recently patched several vulnerabilities in its Sicam products that could be exploited to target the energy sector. The updates addressed two high-severity and one medium-severity flaws. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The Medusa banking trojan (aka TangleBot) operates as a malware-as-a-service, providing keylogging, screen controls, and SMS manipulation. Note that this operation is different from the ransomware gang and the Mirai-based botnet with the same name. This article has been indexed…

Read more →

The polyfill.io domain, which offers JavaScript code to add functionality to older browsers, has been compromised and is infecting over 100,000 websites with malware. The domain was purchased by a Chinese organization earlier this year. This article has been indexed…

Read more →

UK and US law enforcement agencies have collaborated to combat the Qilin ransomware gang, which has targeted the global healthcare industry through several recent attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →