RMM tools have become essential in managing remote devices, but they also pose risks if exploited by threat actors. Attackers can gain remote access to devices, exfiltrate data, and remain undetected.
Cyware News – Latest Cyber News – Read More
A security flaw in Microsoft Defender SmartScreen was exploited to deliver ACR, Lumma, and Meduza stealers in a recent campaign. The campaign targeted Spain, Thailand, and the U.S. by using booby-trapped files exploiting CVE-2024-21412.
Cyware News – Latest Cyber News – Read More
Verizon Communications has agreed to pay a $16 million settlement to the FCC for three data breaches at TracFone Wireless, a subsidiary acquired in 2021. TracFone provides services under brands like Total by Verizon Wireless and Straight Talk.
Cyware News – Latest Cyber News – Read More
Infoblox revealed a Chinese cybercrime syndicate called Vigorish Viper behind illegal online gambling brands advertised at European football stadiums. The group is linked to online gambling and cyber fraud-related human trafficking in Southeast Asia.
Cyware News – Latest Cyber News – Read More
Google has decided to continue supporting third-party cookies, instead proposing a new approach that allows users to opt-in to their Privacy Sandbox. This comes after criticism and regulatory pressure over privacy concerns and competition issues.
Cyware News – Latest Cyber News – Read More
The leak comes from a backup allegedly sold by Conor Fitzpatrick, also known as Pompompurin. Following the seizure of RaidForums in 2022, Fitzpatrick launched BreachForums v1, which was later seized by the FBI and linked to his arrest.
Cyware News – Latest Cyber News – Read More
Spanish police authorities have arrested three suspects connected to the pro-Russian hacker group NoName057(16), known for conducting DDoS attacks against Ukraine and its allies.
Cyware News – Latest Cyber News – Read More
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below –
CVE-2012-4792 (CVSS score: 9.3) – Microsoft Internet Explorer Use-After-Free Vulnerability
CVE-2024-39891 (CVSS score: 5.3) – Twilio Authy Information Disclosure
The Hacker News – Read More
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.
Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).
The high-severity
The Hacker News – Read More
Delta has canceled more than 5,500 flights since the outage started early Friday morning.
The post Most Airlines Except One Are Recovering From the CrowdStrike Tech Outage. The Feds Have Noticed appeared first on SecurityWeek.
SecurityWeek – Read More