Progress Software has alerted users to a critical vulnerability (CVE-2024-7591) in its LoadMaster ADC and load balancer solution. The flaw, with a CVSS score of 10, allows remote attackers to execute system commands without authentication.
Infosec Spending to Hit 3-Year Growth Peak, Reach $212B Next Year: Gartner
Global spending on information security is on track to reach nearly $212 billion next year, with a projected 15% increase from 2024. The majority of this spending is in security software, particularly in endpoint protection platforms.
Use of Predator Spyware Rebounds After a Dip From Biden Sanctions, Researchers Say
Despite facing sanctions, Predator has managed to attract new customers and has been detected in various countries, including the Democratic Republic of Congo and Angola. This article has been indexed from Cyware News – Latest Cyber News.
Vulnerability in Tencent WeChat custom browser could lead to remote code execution
Certain versions of WeChat, a popular messaging app created by tech giant Tencent, contain a type confusion vulnerability that could allow an adversary to execute remote code. While this issue, CVE-2023-3420, was disclosed and patched in the V8 engine in…
Goodbye Windows Control Panel?
As part of ongoing development, Microsoft has been trying to make the Windows 11 user experience more ‘app like’. The idea is to make the… The post Goodbye Windows Control Panel? appeared first on Panda Security Mediacenter.
TIDRONE Targets Military and Satellite Industries in Taiwan
Our research reveals that an unidentified threat cluster we named TIDRONE has shown significant interest in military-related industry chains, particularly in the manufacturers of drones. This article has been indexed from Trend Micro Research, News and Perspectives.
Telegram’s Pavel Durov Speaks Out Against French Charges
First public response made by Telegram CEO Pavel Durov, after arrest in France over alleged criminal behaviour on his app. This article has been indexed from Silicon UK.
Keeper Security Named a Value Leader in EMA’s 2024 PAM Radar™ Report
Passwords and secrets management organisation Keeper Security has earned the distinction of Value Leader in the latest Enterprise Management Associates (EMA) 2024 Privileged Access Management (PAM) Radar™ Report for the second year in a row. The report highlights KeeperPAM –…
Webmin/Virtualmin Vulnerability Opens Door to Loop DoS Attacks
A critical vulnerability (CVE-2024-2169) in Webmin/Virtualmin control panels allows for launching DoS attacks. This flaw reveals IP addresses through the UDP service on port 10000, enabling attackers to create a loop of traffic between servers.
Head Mare Hacktivist Group Targets Russia and Belarus
The group, active since at least 2023, exclusively targets companies in these countries. They use modern techniques to gain initial access to systems, primarily through phishing emails with custom malware like PhantomDL and PhantomCore.
LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks
A vulnerability in the LiteSpeed Cache WordPress plugin leads to the exposure of sensitive information, including user cookies. The post LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks appeared first on SecurityWeek.
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an open-source…
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025
The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients…
US and Allies Accuse Russian Military of Destructive Cyber-Attacks
The joint government advisory highlighted the cyber activities of Unit 29155, which has launched destructive cyber-attacks against critical infrastructure globally. This article has been indexed from www.infosecurity-magazine.com.
Cybersecurity News: Planned Parenthood cyberattack, DoJ propaganda takedown, Microchip Technology theft
In today’s cybersecurity news… Planned Parenthood cyberattack: Officials from the nonprofit agency have confirmed that a cyberattack has impacted its IT systems, forcing it to take parts of its infrastructure […]
SonicWall Access Control Vulnerability Exploited in the Wild
SonicWall has issued an urgent advisory regarding a critical vulnerability in its SonicOS management access and SSLVPN. The flaw, identified as CVE-2024-40766, is actively exploited in the wild. It potentially allows unauthorized access to resources and, under certain conditions, causes…
Fog Ransomware Now Targeting the Financial Sector; Adlumin Thwarts Attack
The Fog Ransomware group, known for targeting education and recreation sectors, has expanded its scope to attack financial services organizations, where the attackers exploited compromised VPN credentials to deploy the ransomware, targeting both Windows and Linux endpoints. It has detected…
NoiseAttack is a Novel Backdoor That Uses Power Spectral Density For Evasion
NoiseAttack is a new method of secretly attacking deep learning models. It uses triggers made from White Gaussian Noise to create several targeted classes in the model, rather than just one, like most current methods. This approach also helps avoid…
Tropic Trooper Attacks Government Organizations to Steal Sensitive Data
Tropic Trooper (aka KeyBoy, Pirate Panda, and APT23) is a sophisticated cyberespionage APT group, and it has been active since 2011. This APT group primarily targets government institutions, military agencies, healthcare, transportation, and high-tech industries in Taiwan, the Philippines, and…
Ransomware attacks continue to increase in the US, UK, and Canada
Ransomware is one of the most dangerous and fast-growing threats in the digital world today. It’s a type of malware that can lock you out of your files or entire system until you pay a ransom, usually in cryptocurrency. This…