New NSA AI-powered Tool Would Help Industry Optimize Cyber Defense Testing

The Autonomous Penetration Testing platform would replace much of the laborious, manual process of such testing, where organizations use vulnerability scanning tools and other methods to measure the robustness of their cyberdefenses against hackers

Cyware News – Latest Cyber News – ​Read More

Threat Actor Abuses Trial Feature for Cloudflare Tunnels to Deliver RATs

Hackers are exploiting the free TryCloudflare service to distribute remote access trojans (RATs) like AsyncRAT, GuLoader, and Remcos RAT. This activity was first detected in February and has been linked to campaigns targeting various industries.

Cyware News – Latest Cyber News – ​Read More

New Discord DDoS Campaign Called Panamorfi Targets Vulnerable Jupyter Notebooks

Hackers are targeting misconfigured Jupyter Notebooks using a repurposed Minecraft DDoS tool known as mineping. The attack, dubbed Panamorfi, involves utilizing a Java tool to launch a TCP flood DDoS attack against vulnerable Jupyter Notebooks.

Cyware News – Latest Cyber News – ​Read More

Is Australia’s Public Sector Ready for a Major Cyber Security Incident?

Australia’s public sector agencies are under increasing pressure to improve their readiness for cyber attacks and data breaches, as surveys and investigations find their preparedness lackluster.

Security | TechRepublic – ​Read More

US Senate Panel Advances Cyber Regulatory Harmonization Bill

The Streamlining Federal Cybersecurity Regulations Act, led by senators Gary Peters and James Lankford, would create an interagency group to synchronize U.S. cyber regulatory regimes and establish a pilot program for testing new frameworks.

Cyware News – Latest Cyber News – ​Read More

Justice Department Sues TikTok, Accusing the Company of Illegally Collecting Children’s Data

The US Justice Department has sued TikTok, accusing the company of illegally collecting children’s data and violating an online privacy law.

The post Justice Department Sues TikTok, Accusing the Company of Illegally Collecting Children’s Data appeared first on SecurityWeek.

SecurityWeek – ​Read More

Germany Summons Chinese Ambassador Over Cyberattack on Cartography Agency

Germany has summoned the Chinese ambassador over a cyberattack by a Beijing-backed threat actor on a cartography agency. The attack, aimed at espionage, was carried out at the end of 2021.

Cyware News – Latest Cyber News – ​Read More

HP Wolf: Not just software attacks; hackers are coming for enterprise hardware, too

Study finds threat actors are increasingly targeting physical supply chains and tampering with device hardware and firmware integrity.Read More

Security News | VentureBeat – ​Read More

Ransomware Attack Cost Keytronic Over $17 Million

Keytronic says the recent ransomware attack resulted in expenses and lost revenue totaling more than $17 million.

The post Ransomware Attack Cost Keytronic Over $17 Million appeared first on SecurityWeek.

SecurityWeek – ​Read More

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.
The flaw, which is assigned the CVE identifier CVE-2024-6242, carries a CVSS v3.1 score of 8.4.
“A vulnerability exists in the affected products that allows a threat actor to

The Hacker News – ​Read More