Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals

The most dangerous vulnerability you’ve never heard of.
In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of

The Hacker News

New Tickler Malware Used to Backdoor US Government, Defense Organizations

APT33 used the new Tickler malware to infiltrate government and defense organizations in the US and the UAE. The group, known as Peach Sandstorm and Refined Kitten, is linked to the Iranian Revolutionary Guard Corps.

Cyware News – Latest Cyber News

LummaC2 Infostealer Resurfaces with Obfuscated PowerShell Tactics

The latest variant employs obfuscated PowerShell commands to download and execute malicious payloads, utilizing Windows binaries like Mshta.exe and Dllhost.exe for stealth.

Cyware News – Latest Cyber News

US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack

The RansomHub ransomware group, which has claimed at least 210 victims, is believed to be behind the attack on oil giant Halliburton.

SecurityWeek

Fortra Patches Critical Vulnerability in FileCatalyst Workflow

Fortra limits access to FileCatalyst Workflow database after vendor knowledgebase article leaks default credentials.

SecurityWeek

Buffer Overflow Flaw in TP-Link Routers Opens Door to RCE

A critical vulnerability, CVE-2024-42815, with a CVSS score of 9.8, has been discovered in TP-Link RE365 V1_180213 series routers, allowing for remote exploitation and potential takeover.

Cyware News – Latest Cyber News

US Election-Themed Phishing Scams Rely on Fake Donation Sites

The domain actsblue[.]com is posing as the legitimate actblue[.]com, a platform for Democratic Party donations. The malicious site is registered anonymously with Namecheap, making it difficult to trace back to the threat actors.

Cyware News – Latest Cyber News

2 Men From Europe Charged With ‘Swatting’ Plot Targeting Former US President and Members of Congress

A former US president and several members of Congress were targets of a plot carried out by two European men to intimidate and threaten dozens of people by calling in bogus reports of police emergencies at their homes.

SecurityWeek

Critical Flaws in Progress Software WhatsUp Gold Expose Systems to Full Compromise

Censys warns of over 1,200 internet-accessible WhatsUp Gold instances potentially exposed to malicious attacks.

SecurityWeek

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances.
“The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints, killing competing crypto mining processes,

The Hacker News