New Veeam Vulnerability Puts Thousands of Backup Servers at Risk – PATCH NOW!

A critical vulnerability (CVE-2024-40711) in Veeam Backup & Replication software allows attackers to gain full control without authentication.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

Critical GeoServer Flaw Enabling Global Hack Campaigns

The flaw in GeoServer, tracked as CVE-2024-36401 and with a CVSS score of 9.8, was swiftly capitalized on by hackers who launched campaigns using botnet families and cryptominers to spread malicious tools like Goreverse, a reverse proxy server.

Cyware News – Latest Cyber News

HAProxy Vulnerability CVE-2024-45506 Under Active Exploit: Urgent Patching Required

This flaw in the HTTP/2 multiplexer can lead to an endless loop, system crashes, and remote denial-of-service attacks, with a CVSS score of 7.5. The vulnerability impacts HAProxy Enterprise, ALOHA, and Kubernetes Ingress Controller products.

Cyware News – Latest Cyber News

Thousands of Avis car rental customers had personal data stolen in cyberattack

The car rental giant says personal information, credit card information, and driver’s license numbers were stolen in the August cyberattack.

Security News | TechCrunch

SonicWall SSLVPN Access Control Flaw is Now Exploited in Akira Ransomware Attacks

Initially believed to affect only SonicOS management access, the flaw has now been confirmed to affect SSLVPN on SonicWall firewalls and is being exploited, including by Akira ransomware affiliates targeting accounts with disabled MFA and outdated firmware versions.

Cyware News – Latest Cyber News

Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free

Designed to be more than a one-time assessment—Wing Security’s SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it’s free!
Introducing SaaS Pulse: Free Continuous SaaS Risk Management
Just like waiting for a medical issue to become critical before seeing a doctor, organizations can’t afford to overlook the constantly

The Hacker News

LummaC2 Stealer and Malicious Chrome Extension Wreak Havoc

This attack begins with victims unknowingly downloading a malicious ZIP archive containing an installer file that sideloads a malicious DLL. This DLL then downloads the LummaC2 Stealer and a PowerShell script from a command-and-control server.

Cyware News – Latest Cyber News

Feds Warn Health Sector to Patch Apache Tomcat Flaws

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center highlighted the ongoing discovery of vulnerabilities in Tomcat that pose a risk to organizations.

Cyware News – Latest Cyber News

Unmasking PackXOR: The FIN7 Packer Exposed

Despite its connection to FIN7, other threat actors have also employed PackXOR to distribute payloads like XMRig cryptominer and R77 rootkit, often in conjunction with SilentCryptoMiner.

Cyware News – Latest Cyber News

One Million US Kaspersky Customers Transferred to Pango’s UltraAV

Kaspersky’s customers in the US are being acquired by cybersecurity firm Pango and will be offered UltraAV antimalware software.

SecurityWeek