As asserted by a major finding, researchers at the ATHENE National Research Center in Germany have identified a long-standing vulnerability in the Domain Name System (DNS) that could potentially lead to widespread Internet outages. This flaw, known as “KeyTrap”…
Category: EN
Recent Joomla Update Brings Multiple Security Fixes
Joomla users must ensure that they receive the latest update as the platform fixes numerous… Recent Joomla Update Brings Multiple Security Fixes on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Courses. This article has been…
Russian Ministry Software Backdoored with North Korean KONNI Malware
By Waqas Friend or Foe? This is a post from HackRead.com Read the original post: Russian Ministry Software Backdoored with North Korean KONNI Malware This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read…
Russian hacker is set to face trial for the hack of a local power grid
A Russian national (49) was charged with a cyberattack on a local power plant that caused a widespread blackout. The news agency TASS reported that a Russian national (49) is set to face trial on charges of carrying out a…
Cybercriminals Exploit Google Cloud Run in Extensive Banking Trojan Scheme
Security experts have issued a warning about hackers exploiting Google Cloud Run to distribute significant amounts of banking trojans such as Astaroth, Mekotio, and Ousaban. Google Cloud Run enables users to deploy various services, websites, or applications without the…
PyRIT – A Red Team Tool From Microsoft For Generative AI Systems
In a significant move to bolster the security of generative AI systems, Microsoft has announced the release of an open automation framework named PyRIT (Python Risk Identification Toolkit). This innovative toolkit enables security professionals and machine learning engineers to proactively…
A Look At Threat Intel, Through The Lens Of The r77 Rootkit
It’s been almost a year, but this Elastic Security write-up on the r77 rootkit popped up on my radar recently, so I thought it would be useful to do a walk-through of how someone with my background would mine open…
Here’s Why Robust Space Security Framework is Need of the Hour
Satellite systems are critical for communication, weather monitoring, navigation, Internet access, and numerous other purposes. These systems, however, suffer multiple challenges that jeopardise their security and integrity. To tackle these challenges, we must establish a strong cybersecurity framework to…
PSYOP campaigns targeting Ukraine – Week in security with Tony Anscombe
Coming in two waves, the campaign sought to demoralize Ukrainians and Ukrainian speakers abroad with disinformation messages about war-related subjects This article has been indexed from WeLiveSecurity Read the original article: PSYOP campaigns targeting Ukraine – Week in security with…
A Mysterious Leak Exposed Chinese Hacking Secrets
Plus: Scammers try to dupe Apple with 5,000 fake iPhones, Avast gets fined for selling browsing data, and researchers figure out how to clone fingerprints from your phone screen. This article has been indexed from Security Latest Read the original…
AI’s Dark Side: Splunk Report Forecasts Troubled Trends in Privacy and Security
There is no doubt that AI is going to be very beneficial to security professionals, but cybercriminals will be looking for ways to harness the power of AI to their advantage as well. As bad actors push artificial intelligence…
ConnectWise ScreenConnect Vulnerability: Navigating the Breach Risk
ConnectWise ScreenConnect, a widely-used remote access software, is facing a critical vulnerability that could expose sensitive data and allow the deployment of malicious code. Described as an authentication bypass flaw, the severity-rated vulnerability poses a significant risk to more…
Following MITRE’s footsteps in analyzing malware behavior
The MITRE framework helps all defenders speak the same language regarding attackers’ modus operandi. VirusTotal provides multiple data points where MITRE’s Tactics and Techniques are dynamically extracted from samples when detonated in our sandboxes. In particular, samples’ MITRE mapping can…
Begin a career in IT with this cybersecurity training bundle
Get 114 hours of ethical hacking, penetration testing, and more with this cybersecurity course bundle. This article has been indexed from Latest stories for ZDNET in Security Read the original article: Begin a career in IT with this cybersecurity training…
Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies
Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. “Microsoft will automatically…
Conti Ransomware Gang’s Russia-Based Music Album Labels and Plastika Recording Studio – An OSINT Analysis
I recently came across to another image courtesy of Conti ransomware gang’s internal and publicly accessible leaked communication which I data mined with the idea to come up with a proper analysis and connect the dots which in this case…
Outlook Users Beware 0-Day Exploit Released On Hacking Forums
Outlook has identified a security flaw that affects how it handles certain hyperlinks. Malware actors actively exploit the vulnerability in real-world attacks. The assigned CVE number for this vulnerability is CVE-2024-21413, with a severity rating of 9.8 (Critical). Microsoft has…
Why Do We Need Endpoint Security in 2024?
Before understanding the need for endpoint security, let’s make you see through a recent study on the same. Around 68% of businesses experienced a targeted endpoint attack that compromised their IT infrastructure. Devices also experienced the same percentage rise in…
Resilience to Acquire BreachQuest for an undisclosed price
In a strategic move to enhance its cyber risk management capabilities, Resilience has announced the acquisition of BreachQuest, an innovative incident response technology firm. This acquisition marks a significant step in Resilience’s efforts to combat the escalating threat of Business…
Remediation and Hardening Guide for ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)
On Feb. 19, 2024, ConnectWise announced two vulnerabilities for their ScreenConnect product affecting (on-premises) versions 23.9.7 and earlier: CVE-2024-1708 – Authentication Bypass Vulnerability (10.0) CVE-2024-1709 – Path Traversal Vulnerability (8.4) These vulnerabilities allow an unauthenticated actor to bypass authentication, and…