Lohrman on Security

SEPTEMBER 22, 2024

There have been some new updates around airport security and identification. Here’s what you need to know.

140

140

The Hacker News

SEPTEMBER 22, 2024

Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign.

Malware 98

Malware Software 98

Penetration Testing

SEPTEMBER 22, 2024

In a concerning development for organizations relying on Keycloak for secure identity and access management, a high-severity vulnerability has been discovered in its SAML signature validation process. Tracked as CVE-2024-8698,... The post CVE-2024-8698: Keycloak Vulnerability Puts SAML Authentication at Risk appeared first on Cybersecurity News.

Authentication 95

Authentication Risk Cybersecurity 95

Security Affairs

SEPTEMBER 22, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Protect Your Crypto: Understanding the Ongoing Global Malware Attacks and What We Are Doing to Stop Them CISA warns of Windows flaw used in infostealer malware attacks Exotic SambaSpy is now dancing with Italian users Loki: a new private agent for the popular Mythic framework Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate Gleaming Pisces Poi

Malware 95

Malware Healthcare IoT Cryptocurrency 95

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

The Hacker News

SEPTEMBER 22, 2024

A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools.

Malware 83

Malware Government 83

Security Affairs

SEPTEMBER 22, 2024

GreyNoise Intelligence firm warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms. GreyNoise Intelligence has been tracking a mysterious phenomenon since January 2020 consisting of massive waves of spoofed traffic, tracked by the experts as ‘Noise Storms.’ Despite the investigation into the traffic, the company has yet to understand which is the reason behind these storms.

DDOS 91

DDOS Internet Internet Cyber threats 91

Security Affairs

SEPTEMBER 22, 2024

Hacktivist group Twelve is back and targets Russian entities to destroy critical assets and disrupt their operations. The hacktivist group Twelve has been active since at least April 2023, it was formed in the wake of the conflict between Russia and Ukraine. The threat actor focuses on destroying critical assets, disrupting target business, and stealing sensitive data.

VPN 79

VPN Encryption Hacking Accountability 79

Penetration Testing

SEPTEMBER 22, 2024

The latest vulnerability disclosure identifies a significant security flaw in the Microchip Advanced Software Framework (ASF), specifically within its tinydhcp server implementation. This vulnerability, designated CVE-2024-7490, exposes IoT devices using... The post CVE-2024-7490: Urgent Warning for IoT Devices Using Microchip ASF, No Patch Available appeared first on Cybersecurity News.

IoT 63

IoT Software Cybersecurity 63

Security Boulevard

SEPTEMBER 22, 2024

Authors/Presenters:Zili Zhang, Chao Jin, Xin Jin Our sincere thanks to USENIX , and the Presenters & Authors for publishing their superb 21st USENIX Symposium on Networked Systems Design and Implementation (NSDI '24) content, placing the organizations enduring commitment to Open Access front and center. Originating from the conference’s events situated at the Hyatt Regency Santa Clara ; and via the organizations YouTube channel.

62

62

Penetration Testing

SEPTEMBER 22, 2024

A recently disclosed security advisory has unveiled a critical vulnerability affecting FreeBSD’s bhyve hypervisor. Identified as CVE-2024-41721, this flaw carries a CVSS score of 9.8, reflecting its high severity. The... The post FreeBSD Issues Critical Security Advisory for CVE-2024-41721 (CVSS 9.8) appeared first on Cybersecurity News.

Cybersecurity 68

Cybersecurity 68

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Cyber Attacks

Hacker's King

SEPTEMBER 22, 2024

In the world of cybersecurity, Telnet might seem outdated and was replaced by SSH protocol but it's still a powerful tool for penetration testers and hackers. Despite its age, this remote access protocol is valuable for network testing which allows you to connect to servers and devices. With the right techniques, ethical hackers can use Telnet to identify vulnerabilities , gather information, and launch attacks on networks—making it a valuable skill for penetration testing.

Penetration Testing 52

Penetration Testing Telecommunications Software Media 52

Penetration Testing

SEPTEMBER 22, 2024

Google security researchers recently brought attention to the lingering impact of info-stealing malware. One such threat is the RECORDSTEALER malware, also known as RecordBreaker and Raccoon Stealer V2. This info-stealer,... The post RecordStealer: A Case Study in the Persistent Threat of Info-Stealing Malware appeared first on Cybersecurity News.

Malware 54

Malware Cybersecurity 54

Hacker's King

SEPTEMBER 22, 2024

In this article, we are going to learn Linux commands that help in blue teaming to work easily. While working as a Soc Analyst or Blue teaming you should be familiar with operating systems such as macOS , Linux , Windows. The skills of an SOC analyst without Linux knowledge may be quite inadequate as having some Linux knowledge is very important for the SOC analysts.

System Administration 52

System Administration Media Software Passwords 52

Penetration Testing

SEPTEMBER 22, 2024

Earlier reports suggested that Qualcomm, a major chip design company, has shown significant interest in Intel’s chip design division and may be considering an acquisition of Intel’s PC processor design... The post Qualcomm’s Bold Move: Intel Acquisition Bid Faces Antitrust Hurdle appeared first on Cybersecurity News.

Cybersecurity 51

Cybersecurity Technology 51

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

Zero Day

SEPTEMBER 22, 2024

This lifetime license bundle deal gives you access to the entire Microsoft Office Pro 2021 suite and Windows 11 Pro for just $55 for a limited time.

52

52

Penetration Testing

SEPTEMBER 22, 2024

In a concerning development for Grafana users, a critical security vulnerability has been discovered in the Grafana Plugin SDK for Go. Tracked as CVE-2024-8986 and assigned a CVSS score of... The post CVE-2024-8986 (CVSS 9.1): Critical Grafana Plugin SDK Flaw Exposes Sensitive Information appeared first on Cybersecurity News.

Cybersecurity 51

Cybersecurity 51

Security Affairs

SEPTEMBER 22, 2024

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Hackers stole over $44 million from Asian crypto platform BingX OP KAERB: Europol dismantled phishing scheme targeting mobile users Ukraine bans Telegram for government agencies, military, and critical infrastructure Tor Project responded to claims that l

Surveillance 87

Surveillance Cryptocurrency Spyware Phishing 87

Penetration Testing

SEPTEMBER 22, 2024

A serious security flaw has been uncovered in Dragonfly2, an open-source, peer-to-peer-based file distribution and image acceleration system. The vulnerability, CVE-2023-27584, carries a CVSS score of 9.8, reflecting its critical... The post Critical Dragonfly2 Flaw CVE-2023-27584: Hardcoded Key Threatens Admin Access appeared first on Cybersecurity News.

Cybersecurity 51

Cybersecurity 51

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Penetration Testing

SEPTEMBER 22, 2024

GreyNoise Intelligence has recently released findings regarding a new and increasingly complex wave of “Noise Storms” – massive, enigmatic surges of fake traffic that have baffled experts since 2020. This... The post GreyNoise Intelligence Uncovers New Internet Noise Storm with Potential China Link and Cryptic “LOVE” Message appeared first on Cybersecurity News.

Internet 46

Internet Internet Cybersecurity 46

Penetration Testing

SEPTEMBER 22, 2024

Windows Server Update Services (WSUS) is a long-standing update service from Microsoft aimed at enterprises, allowing IT administrators to manage the pace of updates for internal network devices. Earlier this... The post Windows Server Update Services Deprecation: What It Means for Your Update Strategy appeared first on Cybersecurity News.

Cybersecurity 44

Cybersecurity 44