Australian Spy Chief Fears Critical Infrastructure Sabotage

/in

Adversaries are actively conducting sophisticated cyber reconnaissance on critical infrastructure networks in Australia, posing a significant threat to national security.

Cyware News – Latest Cyber News – ​Read More

BobTheSmuggler: Open-source tool for undetectable payload delivery

/in

The open-source tool supports various payload delivery chains and has future plans to add more image polyglots, file extensions, and EML file support for stealthy payload delivery.

Cyware News – Latest Cyber News – ​Read More

German Applied Sciences University Announces Being Hit by Criminal Cyberattack

/in

Hochschule Kempten, a university of applied sciences in Germany, has been targeted by a criminal cyberattack. The attack has affected access to several IT systems, including email, while the telephone system remains operational.

Cyware News – Latest Cyber News – ​Read More

Update: Chinese Group Runs Highly Persistent Ivanti Zero-Day Exploits

/in

Chinese threat actor UNC5325 is adept at using novel malware and “living off the land” techniques to persist in hacked devices even after factory resets and system upgrades.

Cyware News – Latest Cyber News – ​Read More

FTC’s Khan Warns Tech Industry That Agency Will Strictly Enforce AI Data Privacy

/in

The FTC’s aggressive approach to enforcing privacy regulations reflects a commitment to ensuring that AI model refinement does not compromise people’s privacy or security.

Cyware News – Latest Cyber News – ​Read More

Report: Business Logic Abuse Dominates as API Attacks Surge

/in

According to Imperva’s State of API Security Report, attacks on the business logic of APIs, including credential stuffing and data scraping, account for the largest share (27%) of API attacks.

Cyware News – Latest Cyber News – ​Read More

A Pornhub Chatbot Stopped Millions From Searching for Child Abuse Videos

/in

Every time someone in the UK searched for child abuse material on Pornhub, a chatbot appeared and told them how to get help.

Security Latest – ​Read More

US Government Expands Role in Software Security

/in

The White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe programming languages and the development of security metrics.

darkreading – ​Read More

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

/in

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances.
UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain

The Hacker News – ​Read More

Cybersecurity startup makes open source pay, gains funding in a down market

/in

Filigran is now instrumental in organizing and analyzing cybercrime data, managing the modeling of multiple ransomware campaigns and enhancing response to cyber incidents.Read More

Security News | VentureBeat – ​Read More