Ransomware Leak Site Reports Rose by 49% in 2023, but There Is Good News

/in

While ransomware groups targeted a wide range of industries for profit, the demise of several groups in 2023 was attributed to increased pressure from law enforcement and cybersecurity organizations.

Cyware News – Latest Cyber News – ​Read More

New Zardoor Backdoor Used in Long-Term Cyber Espionage Operation Targeting an Islamic Organization

/in

The threat actor maintained long-term access to the victim’s network, evading detection by using living-off-the-land binaries, side-loading backdoors, and leveraging open-source reverse proxy tools like Fast Reverse Proxy (FRP) and Venom.

Cyware News – Latest Cyber News – ​Read More

Chinese Threat Actors Found Spying on Dutch Defense Ministry Network

/in
Chinese state actors used a zero-day exploit in a Fortinet VPN to breach Dutch military systems—in early 2023—to deploy the Coathanger backdoor, revealed intelligence agencies. The malware conceals its activities by intercepting system functions that might expose it. Organizations are urged to enhance their cybersecurity measures by applying timely updates and patches.

Cyware News – Latest Cyber News – ​Read More

Google Will Block Android Users From Installing ‘Unsafe’ Apps in Fraud Protection Test

/in

Google is collaborating with the Singapore government to roll out a new security feature in Google Play Protect to block the installation of potentially risky side-loaded apps, aiming to protect Android users from malware-enabled scams.

Cyware News – Latest Cyber News – ​Read More

Raspberry Robin Actors are Buying Exploits for Faster Attacks

/in

The group’s access to exploits for vulnerabilities, such as CVE-2023-36802 and CVE-2023-29360, suggests ties to sophisticated developers and the purchase of external 64-bit executables rather than in-house development.

Cyware News – Latest Cyber News – ​Read More

Emirates NBD Reportedly Involved in a Data Breach

/in

The criminal organization “Wail Crinal 213” claims to have accessed the bank’s server and is allegedly selling sensitive customer data, including emails, usernames, account details, and more.

Cyware News – Latest Cyber News – ​Read More

ResumeLooters Steal Millions of Unique Emails from Multiple Sites

/in
ResumeLooters conducted a major cyber operation, compromising over 65 job search and retail websites across the Asia Pacific region and pilfering more than 2 million user records. The discovery of a new campaign serves as a reminder to secure databases and websites—which can be exploited by publicly available tools.

Cyware News – Latest Cyber News – ​Read More

Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity

/in

Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and

The Hacker News – ​Read More

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways

/in

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.
The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system.
“An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti

The Hacker News – ​Read More

CodeSignal targets skills gap with ‘Learn’ platform amidst tech talent crunch

/in

CodeSignal Learn is a new platform that offers practice-based, mastery-oriented learning experiences for tech skills, powered by CodeSignal’s skill assessment engine.Read More

Security News | VentureBeat – ​Read More