Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers

/in

GreyNoise observes the first attempts to exploit a path traversal vulnerability in discontinued D-Link DIR-859 WiFi routers.

The post Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers appeared first on SecurityWeek.

SecurityWeek – ​Read More

New ‘regreSSHion’ Remote Unauthenticated Code Execution Vulnerability Discovered in OpenSSH Server

/in

Approximately 700,000 external internet-facing instances are vulnerable, accounting for 31% of global instances with OpenSSH. Additionally, a small percentage of vulnerable instances are running an End-Of-Life/End-Of-Support version of OpenSSH.

Cyware News – Latest Cyber News – ​Read More

Web Scraping is Not Just a Security or Fraud Problem

/in

Scraper bots have a negative impact on various aspects of an organization, including revenue, competitive advantage, brand identity, customer experience, infrastructure costs, and digital experience.

Cyware News – Latest Cyber News – ​Read More

Fake IT Support Sites Push Malicious PowerShell Scripts as Windows Fixes

/in

These sites are promoted through compromised YouTube channels, lending them credibility. One particular error, the 0x80070643 error, which appeared after a Microsoft security update, has been exploited by threat actors.

Cyware News – Latest Cyber News – ​Read More

AVG Secure VPN vs Surfshark (2024): Which VPN Is Better?

/in

Is Surfshark better than AVG? Is AVG Secure VPN worth it? Find out which VPN is better with our guide.

Security | TechRepublic – ​Read More

Prudential Financial Data Breach Impacts 2.5 Million

/in

Prudential Financial has updated the February data breach impact estimate to 2.5 million individuals.

The post Prudential Financial Data Breach Impacts 2.5 Million appeared first on SecurityWeek.

SecurityWeek – ​Read More

Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator

/in

Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.

Cyware News – Latest Cyber News – ​Read More

Meet Brain Cipher — The New Ransomware Behind Indonesia’s Data Center Attack

/in

Brain Cipher ransomware has been uploaded to various malware-sharing sites, created using the leaked LockBit 3.0 builder. The encryptor used by Brain Cipher appends an extension and encrypts the file name of the encrypted files.

Cyware News – Latest Cyber News – ​Read More

Juniper Networks Warns of Critical Authentication Bypass Vulnerability

/in

Juniper Networks warns of a critical authentication bypass flaw impacting Session Smart routers and conductors.

The post Juniper Networks Warns of Critical Authentication Bypass Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Threat Actors Actively Exploit D-Link DIR-859 Router Flaw

/in

The flaw, which has a CVSS score of 9.8, allows threat actors to perform path traversal attacks and gain unauthorized access to sensitive information, including user passwords.

Cyware News – Latest Cyber News – ​Read More