The D-Link DAP-2310 Wireless Access Point (WAP) has been identified as vulnerable to remote code execution (RCE). Dark Wolf Solutions discovered this vulnerability, which seriously threatens users by allowing attackers to gain unauthorized remote access. This guide delves into the…
Tag: EN
Verkada to Pay $2.95 Million Over FTC Probe Into Security Camera Hacking
The FTC complaint alleges that Verkada’s failures allowed a hacker to access customers’ security cameras. The post Verkada to Pay $2.95 Million Over FTC Probe Into Security Camera Hacking appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
U.S. Courts Under Cyberattack and the Impact on Justice
Due to the sophistication of cyber threats, cybercriminals target judicial systems more often, exposing significant vulnerabilities. Numerous attacks disrupt court operations and have broader implications, as they hurt employers who use public records to check their criminal records. Gaining…
Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads
Cisco Talos recently discovered several related Microsoft Office documents uploaded to VirusTotal by various actors between May and July 2024 that were all generated by a version of a payload generator framework called “MacroPack.” This article has been indexed from…
Silicon UK AI For Your Business Podcast: Copyright in the Age of AI
Explore the complexities of copyright in the age of AI on the Silicon UK AI For Your Business Podcast, uncovering legal challenges, ethical dilemmas, and innovative solutions. This article has been indexed from Silicon UK Read the original article: Silicon…
Researchers Link ManticoraLoader Malware to Ares Malware Developer
Researchers have traced the new ManticoraLoader malware-as-a-service (MaaS) to the cybercriminal group ‘DarkBLUP,’ previously associated with distributing AresLoader and AiDLocker ransomware from the DeadXInject group. This article has been indexed from Cyware News – Latest Cyber News Read the original…
The US Navy Is Going All In on Starlink
The Navy is testing out the Elon Musk–owned satellite constellation to provide high-speed internet access to sailors at sea. It’s part of a bigger project that’s about more than just getting online. This article has been indexed from Security Latest…
A deep dive into the most interesting incident response cases of last year
Kaspersky Global Emergency Response Team (GERT) shares the most interesting IR cases for the year 2023: insider attacks, ToddyCat-like APT, Flax Typhoon and more. This article has been indexed from Securelist Read the original article: A deep dive into the…
Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond
August has seen some of the most eye-opening vulnerabilities surface, catching the attention of security experts across the globe. These aren’t just numbers in a database, they represent real challenges… The post Top 5 CVEs and Vulnerabilities of August 2024:…
New ManticoraLoader – Malware Attacking Citrix Users To Steal Data
Cyble Research & Intelligence Labs has recently found information about a new type of malware-as-a-service (MaaS) called ‘ManticoraLoader’ in some underground forums. Since August 8, 2024, on forums and Telegram, this MaaS service has been offered by the threat group…
Verkada Pay $2.95 Million Failed To Secure Data Lead To Massive Breach
The FTC has ordered Verkada to implement a comprehensive information security program to address its lax security practices that allowed a hacker to compromise customer security cameras. Verkada will pay a $2.95 million fine for violating the CAN-SPAM Act by…
Researchers Find SQL Injection Flaw to Bypass Airport TSA Security Checks
Security researchers discovered a SQL injection vulnerability in FlyCASS, a third-party web service used by airlines to manage the Known Crewmember (KCM) program and the Cockpit Access Security System (CASS). This article has been indexed from Cyware News – Latest…
City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack
The City of Columbus sued a researcher who disclosed the impact of the data breach caused by a recent ransomware attack. The post City of Columbus Sues Researcher Who Disclosed Impact of Ransomware Attack appeared first on SecurityWeek. This article…
Rocinante Trojan Poses as Banking Apps to Steal Sensitive Data from Brazilian Android Users
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante. “This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII…
TikTok Parent ByteDance Seeks $9.5bn In Loans
TikTok parent ByteDance seeks landmark $9.5bn in bank loans to refinance existing facility and fund operating expenses amidst expansion This article has been indexed from Silicon UK Read the original article: TikTok Parent ByteDance Seeks $9.5bn In Loans
Binance Executive Renews Nigeria Bail Plea On Health Grounds
Binance executive files new bail appeal on health grounds after detention in country for months amidst money laundering probe This article has been indexed from Silicon UK Read the original article: Binance Executive Renews Nigeria Bail Plea On Health Grounds
New Custom Malware “Tickler” Attack Satellite Devices
Microsoft identified a new custom multi-stage backdoor, “Tickler,” deployed by the Iranian state-sponsored threat actor Peach Sandstorm between April and July 2024. Targeting sectors like satellite, communications equipment, oil and gas, and government, Tickler has been used to gather intelligence.…
North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild
Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets. The threat actor deployed the FudModule rootkit, previously attributed to Diamond Sleet, suggesting potential shared…
Head Mare Hacktivist Group Exploit WinRAR Vulnerability To Encrypt Windows And Linux
Head Mare, a Russian-focused hacktivist group, gained notoriety in 2023 by targeting organizations in Russia and Belarus as they employ phishing tactics to distribute WinRAR archives exploiting the CVE-2023-38831 vulnerability, gaining initial access to victims’ systems. Once inside, they steal…
10 Topics Every Cybersecurity Awareness Training Program Should Cover
While the cybersecurity team plays a critical role in the fight against data breaches, a company’s employees are often the first line of defense (or failure). The numbers back this up: IBM’s 2024 data breach report shows cybersecurity employee training…