While their business and tech colleagues are busy experimenting and developing new applications, cybersecurity leaders are looking for ways to anticipate and counter new, AI-driven threats. It’s always been clear that AI impacts cybersecurity, but it’s a two-way street. Where…
Category: EN
China’s ‘Velvet Ant’ Hackers Caught Exploiting New Zero-Day in Cisco Devices
The vulnerability, known as CVE-2024-20399, affects Cisco NX-OS software used for Nexus-series switches. Sygnia discovered the vulnerability during an investigation into the threat group Velvet Ant. This article has been indexed from Cyware News – Latest Cyber News Read the…
Industrial cyberattacks fuel surge in OT cybersecurity spending
Enterprise spending on OT cybersecurity is predicted to increase by almost 70% to $21.6 billion globally by 2028, up from $12.75 billion in 2023, driven by attacks and regulation, according to ABI Research. This article has been indexed from Cyware…
National Australia Bank Raises Alarm About Cyber Threats to Major Banks
Australia’s four major banks, including ANZ Bank, Commonwealth Bank, National Australia Bank (NAB), and Westpac, are constantly under attack from threat actors seeking to steal sensitive information and money from unsuspecting customers. This article has been indexed from Cyware News…
7 Steps To Secure Critical Infrastructure
Critical infrastructure and public sector organizations such as government and municipalities, manufacturing units, communication networks, transportation services, power and water treatment plants, et. al, have been battling a growing wave of breaches and cyberattacks. The post 7 Steps To Secure…
LogRhythm’s enhancements boost analyst efficiency
LogRhythm announced its 9th consecutive quarterly release. In the AI-ready world, LogRhythm empowers security teams with the highest integrity data in the security industry to enhance the output of the AI tools used to defend organizations from cyberthreats. Coupled with…
China’s Premium EV Makers See Deliveries Surge In June
China’s top three premium EV makers see boost in deliveries in June, but incentives and discounts make profitability harder goal This article has been indexed from Silicon UK Read the original article: China’s Premium EV Makers See Deliveries Surge In…
Microsoft Shutters China Retail Stores
Microsoft reportedly shuts down all branded retail stores on Chinese mainland, four years after similar move internationally This article has been indexed from Silicon UK Read the original article: Microsoft Shutters China Retail Stores
France Prepares Formal Nvidia Antitrust Charges
French antitrust regulator reportedly preparing formal charges against Nvidia following dawn raids last September, amidst AI surge This article has been indexed from Silicon UK Read the original article: France Prepares Formal Nvidia Antitrust Charges
Grasshopper Hackers Mimic As Penetration Testing Service To Deploy Malware
Hackers often mimic penetration testing services to disguise their malicious activities as legitimate security assessments. By imitating authorized security testing, attackers can exploit the trust and access typically granted to legitimate penetration testers, allowing them to move more freely within…
Water Sigbin Exploiting Oracle WebLogic Server Flaw
Water Sigbin (8220 Gang) exploits vulnerabilities (CVE-2017-3506, CVE-2023-21839) in Oracle WebLogic servers to deliver cryptocurrency miners using PowerShell scripts. They use a multi-stage loading technique with a .Net Reactor protecting the payload to deploy the PureCrypter loader and XMRig miner,…
Sanctioned and Exposed, Predator Spyware Maker Group Has Gone Awfully Quiet
The group behind the Predator spyware, Intellexa Alliance, has significantly reduced its operations, indicating that it has been impacted by recent sanctions and exposure. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Brighton Park Capital Invests $112 Million in PortSwigger to Fuel Innovation and Product Development
The investment will fuel PortSwigger’s growth and enable the company to accelerate product development, expand research initiatives, strengthen its international presence, and continue driving innovation. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
Cisco has patched a zero-day vulnerability exploited by a Chinese APT group to compromise Nexus switches This article has been indexed from www.infosecurity-magazine.com Read the original article: Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
Exposing FakeBat loader: distribution methods and adversary infrastructure
During the first semester of 2024, FakeBat (aka EugenLoader, PaykLoader) was one of the most widespread loaders using the drive-by download technique. La publication suivante Exposing FakeBat loader: distribution methods and adversary infrastructure est un article de Sekoia.io Blog. This…
Cisco NX-OS Zero-Day Command Injection Vulnerability Let Hackers Gain Root Access
Cisco has disclosed a critical vulnerability in its widely-used NX-OS network operating system that could allow attackers to execute arbitrary commands with root privileges on affected devices. The company urges customers to upgrade to patched versions as soon as possible.…
regreSSHion – OpenSSH RCE Vulnerability Impacts 700K Linux Systems
The Qualys Threat Research Unit has identified a newly discovered vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387). This critical flaw, which allows unauthenticated remote code execution (RCE) as root, affects over 700,000 Linux systems exposed to the internet. The regreSSHion vulnerability…
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware
Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-2024-20399 (CVSS score of 6.0), that the China-linked group Velvet Ant exploited…
Korean ERP Vendor’s Update Systems Subverted to Spew Malware
A South Korean ERP vendor’s product update server was breached by attackers who used it to distribute malware instead of legitimate updates, according to AhnLab, a local cybersecurity firm. This article has been indexed from Cyware News – Latest Cyber…
Poland to Probe Russia-Linked Cyberattack on State News Agency
Polish prosecutors are investigating a suspected Russian attack on the country’s state news agency, the Polish Press Agency (PAP). The attack, which occurred in May, aimed to spread disinformation and cause disruptions in Poland’s system or economy. This article has…