Mon. Feb 19, 2024


Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

The Hacker News

Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of 2023. The spyware targeted iOS, Android, and Windows devices.


Russia-linked APT TAG-70 targets European government and military mail servers exploiting Roundcube XSS

Security Affairs

An APT group, tracked as TAG-70, linked to Belarus and Russia exploited XSS flaws in Roundcube webmail servers to target over 80 organizations. Researchers from Recorded Future’s Insikt Group identified a cyberespionage campaign carried out by an APT group, tracked as TAG-70, linked to Belarus and Russia. The nation-state actors are known to carry out cyber-espionage targeting government, military, and national infrastructure entities in Europe and Central Asia since at least December 20


Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries

The Hacker News

The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play's enhanced detection and protection mechanisms," ThreatFabric said in a report shared with The Hacker News.


Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Security Affairs

The Cactus ransomware gang claims the theft of 1.5TB of data from the Energy management and industrial automation firm Schneider Electric. The Cactus ransomware group claims responsibility for pilfering 1.5TB of data from the Energy management and industrial automation giant Schneider Electric. Schneider Electric is a multinational company that specializes in energy management, industrial automation, and digital transformation.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid

The Hacker News

An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed Operation Cronos, is presently unknown, visiting the group's.


CVE-2024-1597 (CVSS 10): Critical SQL Injection Flaw in PostgreSQL JDBC Driver

Penetration Testing

PostgreSQL databases are a popular choice for developers, but a recently discovered vulnerability (CVE-2024-1597, CVSS 10) highlights the importance of vigilance and proactive security measures. Let’s explore this flaw in the PostgreSQL JDBC Driver...

More Trending


40 Zero-Day Vulnerabilities Found in Autodesk AutoCAD

Penetration Testing

Autodesk AutoCAD, a widely used CAD software across engineering, architecture, and manufacturing industries, has been found to contain 40 zero-day vulnerabilities. These flaws, if exploited, could potentially allow attackers to execute arbitrary code, compromising...


Operation Cronos: law enforcement disrupted the LockBit operation

Security Affairs

An international law enforcement operation codenamed ‘Operation Cronos’ led to the disruption of the LockBit ransomware operation. A joint law enforcement action, code-named Operation Cronos, conducted by law enforcement agencies from 11 countries has disrupted the LockBit ransomware operation. Below is the image of the Tor leak site of the Lockbit ransomware gang that was seized by the UK National Crime Agency (NCA). “The site is now under the control of law enforcement.


CVE-2024-25600: WordPress’s Bricks Builder RCE Flaw Under Attack

Penetration Testing

A critical remote code execution (RCE) vulnerability (CVE-2024-25600, CVSS 9.8) has been discovered in the widely used WordPress site builder, Bricks Builder. This vulnerability is actively being exploited, rendering affected websites at significant risk....


How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)

The Hacker News

Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Response (NDR) and how it’s become the most effective technology to detect cyber threats?


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


“KeyTrap” (CVE-2023-50387) Flaw Leaves DNS Systems Vulnerable, PoC Published

Penetration Testing

A proof-of-concept (PoC) was disclosed for a severe design flaw (CVE-2023-50387) in Domain Name System Security Extensions (DNSSEC), leaving DNS infrastructures vulnerable to widespread denial-of-service (DoS) attacks. Known as “KeyTrap”, this exploit targets DNSSEC-validating...


Anatsa Android banking Trojan expands to Slovakia, Slovenia, and Czechia

Security Affairs

The Android banking trojan Anatsa resurged expanding its operation to new countries, including Slovakia, Slovenia, and Czechia. In November 2023, researchers from ThreatFabric observed a resurgence of the Anatsa banking Trojan, aka TeaBot and Toddler. Between November and February, the experts observed five distinct waves of attacks, each focusing on different regions.


Intel Unveils 34 New Security Vulnerabilities: Urgent Thunderbolt Updates Required

Penetration Testing

Recently, Intel disclosed a total of 34 security vulnerabilities, encompassing 32 software issues and 2 firmware issues. These vulnerabilities affect a wide range of components, including chipset groups, Wi-Fi, and drivers for other components,...


A Ukrainian Raccoon Infostealer operator is awaiting trial in the US

Security Affairs

The Raccoon Infostealer operator, Mark Sokolovsky, was extradited to the US from the Netherlands to appear in a US court. In October 2020, the US Justice Department charged a Ukrainian national, Mark Sokolovsky (28), with computer fraud for allegedly infecting millions of computers with the Raccoon Infostealer. The man was held in the Netherlands, and he was charged for his alleged role in the international cybercrime operation known as Raccoon Infostealer.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Over 28,500 Exchange servers vulnerable to actively exploited bug

Bleeping Computer

Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting.


Why keeping track of user accounts is important

Malwarebytes

CISA (the Cybersecurity & Infrastructure Security Agency) has issued a cybersecurity advisory after the discovery of documents containing host and user information of a state government organization’s network environment—including metadata—on a dark web brokerage site. An attacker managed to compromise network administrator credentials through the account of a former employee of the organization.


Wyze camera glitch gave 13,000 users a peek into other homes

Bleeping Computer

Wyze shared more details on a security incident that impacted thousands of users on Friday and said that at least 13,000 customers could get a peek into other users' homes.


Linux Kernel Flaw (CVE-2024-0646) Exposes Systems to Privilege Escalation

Penetration Testing

A flaw (CVE-2024-0646, CVSS 7.8) discovered in the Linux Kernel Transport Layer Security (kTLS) could have been exploited by local users to gain elevated system privileges or disrupt system operations. Fortunately, patches for this...


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Anatsa Android malware downloaded 150,000 times via Google Play

Bleeping Computer

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play.


Better Together: How Duo Care Helps You Get Directly Involved With Product

Duo's Security Blog

The Cisco Duo team is filled with excellent researchers, designers, product managers, engineers, and more who know what we are doing when it comes to building a great product - but we also know that we are better together with input from our customers. Most people are generally familiar with the product release cycle, but for the sake of a quick refresher, below is the multi-step release process that Duo follows: Any organization utilizing a paid edition of Duo is used to being notified about fe


LockBit ransomware disrupted by global police operation

Bleeping Computer

Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as "Operation Cronos."


LockBit, the world’s worst ransomware, is down

Malwarebytes

For the last two years the absolute worst, most prolific, most globally significant “big game” ransomware gang has been LockBit. This evening its position as ransomware’s biggest beast is suddenly in doubt, following some non-consensual website redecoration at the hands of the UK’s National Crime Agency (NCA). The LockBit data leak site has a new look The LockBit dark web site usually hosts the names and data of organisations that refused to pay ransoms.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


North Korean hackers linked to defense sector supply-chain attack

Bleeping Computer

In an advisory today Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government.


VulnRecap 2/19/2024: News from Microsoft, Zoom, SolarWinds

eSecurity Planet

While this week was a little light on vulnerability news, it’s still been significant, with Microsoft’s Patch Tuesday happening as well as updates for major products, like Zoom. Akira ransomware vulnerabilities have also surfaced in older Cisco products, and SolarWinds patched some remote code execution flaws in its Access Rights Manager product.


Cactus ransomware claim to steal 1.5TB of Schneider Electric data

Bleeping Computer

The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month.


What Is Data Compliance? Top Regulations You Need to Know

Digital Guardian

Embracing data compliance can help organizations maintain best practices. Let's look at some of the challenges and benefits of data compliance, along with some of the top regulations.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Hackers exploit critical RCE flaw in Bricks WordPress site builder

Bleeping Computer

Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites.


AS-REP Roasting

Penetration Testing Lab

Active Directory users that have the Kerberos pre-authentication enabled and require access to a resource initiate the Kerberos authentication process by sending an Authentication Server…


Rancher Vulnerability Alert (CVE-2024-22030): Act Now to Prevent Takeovers

Penetration Testing

A significant security vulnerability (CVE-2024-22030) has been identified in Rancher, the popular Kubernetes management platform, and its associated Fleet engine. This flaw carries a medium-to-high severity rating and if exploited, a malicious actor to...


How to Protect WordPress Sites from Exploitation

SecureWorld News

Hundreds of millions of websites on the internet today rely on the content management system WordPress. A platform that started as a blogging tool has evolved into a globally renowned solution that makes website design and development more accessible and easier than ever. Its relative simplicity of use, SEO friendliness, customization potential, flexibility, and built-in security setup are just some of the reasons why web developers and marketing professionals choose it to power their websites.


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.