Saturday, November 9, 2024

Cyber Security News

CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks' Expedition tool, which could lead to severe security breaches.The vulnerability,...

Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information

A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that...

Cisco Flaw Let Attackers Run Command as Root User

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.This flaw tracked...

Researchers Detailed Credential Abuse Cycle

The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat...

Rise Of Ransomware-As-A-Service Leads To Decline Of Custom Tools

Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market.Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware...

North Korean Hackers Employing New Tactic To Acruire Remote Jobs

North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection. InvisibleFerret...

CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine

Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as "penetration testing" or "exploiting vulnerabilities."These setups often use the tools and frameworks...

HookBot Malware Use Overlay Attacks Impersonate As Popular Brands To Steal Data

The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It...

ToxicPanda Banking Malware Attacking Banking Users To Steal Logins

Recent research has uncovered a new strain of malware developed for Android devices, initially misidentified as TgToxic. Despite sharing some bot command similarities, this malware,...

Azure API Management Vulnerabilities Let Attackers Escalate Privileges

Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and...

Google Patches High-Severity Vulnerabilities in Chrome

Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities.The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows...