China’s ‘Earth Lusca’ Propagates Multiplatform Backdoor
The malware, KTLVdoor, has already been found on more than 50 command-and-control servers and enables full control of any environment it compromises.
darkreading – Read More
YubiKeys Are a Security Gold Standard—but They Can Be Cloned
Security researchers have discovered a cryptographic flaw that leaves the YubiKey 5 vulnerable to attack.
Security Latest – Read More
Biden Admin Files Charges Against Election Meddlers From Russia
Working with the Treasury and Justice departments, the president has sanctioned anti-democratic Russian adversaries.
darkreading – Read More
Ransomware Gang Claims Cyberattack on Planned Parenthood
Planned Parenthood confirms “cybersecurity incident” as RansomHub ransomware gang threatens to leak 93 Gb of data stolen from the nonprofit last week.
The post Ransomware Gang Claims Cyberattack on Planned Parenthood appeared first on SecurityWeek.
SecurityWeek – Read More
Russian GRU Unit Tied to Assassinations Now Linked to Global Cyber Sabotage and Espionage
A secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.
The post Russian GRU Unit Tied to Assassinations Now Linked to Global Cyber Sabotage and Espionage appeared first on SecurityWeek.
SecurityWeek – Read More
IBM Executive on Future Cybersecurity: Passkeys, Deepfakes & Quantum Computing
IBM’s Chris Hockings predicts a safer internet with advances in passkey tech, digital identity, deepfake defenses, and post-quantum cryptography.
Security | TechRepublic – Read More
Russian GRU Unit Tied to Assassinations Linked to Global Cyber Sabotage and Espionage
A secretive Russian military unit, previously linked to assassinations and destabilization in Europe, is blamed for destructive wiper malware attacks in Ukraine.
The post Russian GRU Unit Tied to Assassinations Linked to Global Cyber Sabotage and Espionage appeared first on SecurityWeek.
SecurityWeek – Read More
Litespeed Cache Flaw Exposes Millions of WordPress Sites to Takeover Attacks
Discovered by security researcher Rafie Muhammad, the flaw allows unauthorized users to take control of logged-in accounts, potentially gaining administrator privileges on WordPress sites.
Cyware News – Latest Cyber News – Read More
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023.
“Sighting this group’s [Tactics, Techniques, and Procedures] in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them,” Kaspersky
The Hacker News – Read More
Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
Veeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.
The list of shortcomings is below –
CVE-2024-40711 (CVSS score: 9.8) – A vulnerability in Veeam Backup & Replication that allows unauthenticated remote code execution.
CVE-2024-42024 (CVSS score: 9.1
The Hacker News – Read More