Tag: Cyware News – Latest Cyber News

These exchanges allowed users to trade cryptocurrencies anonymously, creating a safe environment for cybercriminals to launder their proceeds without fear of prosecution. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Germany Seizes…

Read more →

A sophisticated campaign is using GitHub repositories to spread the Lumma Stealer malware, targeting users interested in open-source projects or receiving email notifications from them. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Hackers are distributing a popular crypto-miner via malicious email auto-replies, as per researchers. They compromised email accounts to send innocent automatic replies with links to crypto-mining malware, specifically XMRig. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Acronis Backup Plugins have been affected by a critical security flaw, CVE-2024-8767 (CVSS 9.9). The vulnerability impacts Linux-based plugins for cPanel & WHM, Plesk, and DirectAdmin, potentially leading to data breaches and unauthorized operations. This article has been indexed from…

Read more →

Cybersecurity researchers at Darktrace have discovered cybercriminals exploiting Fortinet’s FortiClient EMS. The attackers targeted a critical vulnerability, CVE-2023-48788, to gain unauthorized access through an SQL injection flaw. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The attribution of the Raptor Train botnet to a Chinese nation-state actor is based on various factors, including operational timelines, targeting sectors aligned with Chinese interests, and the use of the Chinese language. This article has been indexed from Cyware…

Read more →

These counterfeit CAPTCHA tests prompt users to execute seemingly harmless commands, which actually lead to the installation of the dangerous Lumma Stealer malware on Windows devices. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The CISA has directed federal agencies to remove Flash Player by October 8, 2024, to safeguard sensitive data and critical operations. Adobe officially ended Flash Player support in 2020, recognizing its security risks. This article has been indexed from Cyware…

Read more →

In this campaign aimed at the APAC region, Earth Baxia used a new backdoor named EAGLEDOOR, which supports multiple communication protocols for information gathering and payload delivery. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Microsoft has confirmed CVE-2024-37985 as a zero-day bug in Windows with a CVSS score of 5.9. It is a Windows Kernel information disclosure vulnerability, allowing attackers to access heap memory from a privileged process on a vulnerable server. This article…

Read more →

Ransomware groups such as BianLian and Rhysida are now exploiting Microsoft Azure tools like Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob storage. This article has been indexed from Cyware News –…

Read more →

Security researcher Sina Kheirkhah has published a PoC exploit for CVE-2024-40711 in Veeam Backup & Replication, a critical vulnerability with a CVSS score of 9.8. The flaw allows unauthenticated RCE, posing a threat to enterprise environments. This article has been…

Read more →

GitLab has released a critical security patch for the CVE-2024-45409 vulnerability (CVSS 10). It impacts both GitLab Community Edition (CE) and Enterprise Edition (EE) and originates from the Ruby-SAML library used for SAML authentication. This article has been indexed from…

Read more →

Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The CISA and the FBI recommended software developers to implement rigorous validation, sanitization, and input escaping to prevent malicious script injections and data manipulation. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Red Hat OpenShift, a popular hybrid cloud platform with robust security features, is facing two critical vulnerabilities: CVE-2024-45496 (CVSS 9.9) and CVE-2024-7387 (CVSS 9.1). This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Prosecutors allege that Chinese national Wu Song targeted US academics and engineers to obtain applications used in aerospace engineering and fluid dynamics, which could be used for developing missiles and weapons. This article has been indexed from Cyware News –…

Read more →

The vulnerability was related to the undocumented Salesforce Aura API and SOQL subqueries, allowing a blind SOQL injection attack to retrieve customer information, including personally identifiable information (PII). This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Valid account abuse remains a top entry point for critical infrastructure attacks, with the CISA reporting that 2 in 5 successful intrusions last year were attributed to this method. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Cybersecurity firm Huntress reported that attackers search for publicly accessible installations of Foundation software on the internet and then attempt to gain administrative access by trying combinations of default usernames and passwords. This article has been indexed from Cyware News…

Read more →