South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE-2024-7262, in the Windows version of WPS Office to deploy the SpyGlace…
Tag: EN
The NIS2 Directive: How Far Does it Reach?
Key aspects of the NIS2 Directive include a focus on proactive cybersecurity measures for entities within its scope, such as risk analysis, incident handling, and supply chain security. This article has been indexed from Cyware News – Latest Cyber News…
Fortra Patches Critical Vulnerability in FileCatalyst Workflow
Fortra limits access to FileCatalyst Workflow database after vendor knowledgebase article leaks default credentials. The post Fortra Patches Critical Vulnerability in FileCatalyst Workflow appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original article:…
INE Security Named 2024 SC Awards Finalist
Cary, North Carolina, 30th August 2024, CyberNewsWire The post INE Security Named 2024 SC Awards Finalist appeared first on Cybersecurity Insiders. This article has been indexed from Cybersecurity Insiders Read the original article: INE Security Named 2024 SC Awards Finalist
Cybersecurity Insurance: Signals Maturity to Partners, Improved Security Response
A newly released report, Forrester’s The State of Cyber, 2024 finds about 83% of organizations currently maintain cybersecurity insurance, and such policyholders tend to possess improved ability to detect and respond to attacks. The post Cybersecurity Insurance: Signals Maturity to…
Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future’s Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie,…
Malware Masquerading as Palo Alto GlobalProtect Tool Targets Middle East Users
Users in the Middle East are being targeted by sophisticated threat actors deploying malware disguised as the Palo Alto GlobalProtect tool, Trend Micro has revealed. The malware employs a two-stage infection process, leveraging advanced command-and-control (C&C) infrastructure to evade detection…
FBI: RansomHub Hits Over 200 Entities Since Feb
RansomHub, previously known as Cyclops and Knight, has quickly gained traction, targeting over 210 victims across US critical infrastructure sectors. This ransomware-as-a-service (RaaS) model has been active since February 2024. These include water and wastewater, information technology, government services and…
Top Cost-Effective Cybersecurity Strategies for SMBs
Safeguarding your small or medium-sized business against escalating cyber threats is essential, yet the steep costs of sophisticated security measures can be daunting. This guide delves into smart, budget-friendly cybersecurity tactics designed to fortify your business without draining your finances.…
Philippines: Intel Fusion Center Eyed to Boost Cybersecurity
The Department of Information and Communications Technology (DICT) is focusing on enhancing cybersecurity in the Philippines through the National CyberSecurity Plan (NCSP) 2023-2028. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Philippines:…
California Passes Landmark Bill Requiring Easier Data Sharing Opt-Outs for Consumers
California has passed a landmark bill that requires internet browsers and mobile operating systems to make it easier for consumers to opt out of sharing their private data with websites for targeted advertising. This article has been indexed from Cyware…
PoorTry Windows Driver Deletes Crucial Files to Impairs Windows Computers
The PoorTry Windows driver, originally used to disable EDR solutions, has now evolved into an EDR wiper, deleting crucial files to make system restoration harder. Sophos has confirmed actual EDR wiping attacks in the wild. This article has been indexed…
Veeam Widens Beam to MongoDB, Nutanix & Proxmox VE
Veeam has shown evidence of its capabilities to provide backup, recovery and cybersecurity across an increasing number of heavyweight cloud platforms, databases and service layers including MongoDB and Nutanix. The post Veeam Widens Beam to MongoDB, Nutanix & Proxmox VE…
New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. “The malware can execute remote PowerShell commands, download and exfiltrate…
Unpatchable Zero-Day in Surveillance Cameras is Being Exploited to Install Mirai
The vulnerability, known as CVE-2024-7029, allows attackers to remotely execute commands on the compromised device. The targeted device is the AVM1203 surveillance camera from AVTECH. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Cisco Bolsters AI Security by Buying Robust Intelligence
Cisco is strengthening its AI security by acquiring Robust Intelligence, a startup led by a former Harvard professor. This acquisition emphasizes the importance of AI security in modern IT infrastructure. This article has been indexed from Cyware News – Latest…
Russian Hackers Use Commercial Spyware Exploits to Target Victims
In a campaign targeting Mongolian government websites, Russian-backed APT29 leveraged exploits previously used by spyware vendors NSO Group and Intellexa This article has been indexed from www.infosecurity-magazine.com Read the original article: Russian Hackers Use Commercial Spyware Exploits to Target Victims
TLD Tracker: Exploring Newly Released Top-Level Domains
Unit 42 researchers use a novel graph-based pipeline to detect misuse of 19 new TLDs for phishing, chatbots and more in several case studies. The post TLD Tracker: Exploring Newly Released Top-Level Domains appeared first on Unit 42. This article…
.NET-based Snake Keylogger Attack Windows Using Weaponized Excel Documents
Researchers uncovered a sophisticated phishing campaign that exploits a .NET-based Snake Keylogger variant. This attack leverages weaponized Excel documents to infiltrate Windows systems, posing significant threats to user data security. This article delves into the mechanics of the attack, the…
LummaC2 Infostealer Resurfaces with Obfuscated PowerShell Tactics
The latest variant employs obfuscated PowerShell commands to download and execute malicious payloads, utilizing Windows binaries like Mshta.exe and Dllhost.exe for stealth. This article has been indexed from Cyware News – Latest Cyber News Read the original article: LummaC2 Infostealer…