U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core to its Known Exploited Vulnerabilities (KEV) catalog, stating it’s being actively exploited in the wild.
The vulnerability in question is CVE-2023-35082 (CVSS score: 9.8), an authentication bypass

The Hacker News

Top Official Says Kansas Courts Need at Least $2.6 Million to Recover From Cyberattack

Kansas Courts needs funding to cover the costs of bringing computer systems back online, pay vendors, improve cybersecurity and hire three additional cybersecurity officials.

SecurityWeek

Cybercrooks Target Docker Containers With Novel Pageview Generator

Cyberattackers are exploiting Docker instances to drop the bot-tastic 9hits Web traffic generator and “earn” valuable credits that can be turned into cash.

darkreading

Google: Russia’s ColdRiver APT Unleashes Custom ‘Spica’ Malware

Just in time for the US election season, one of the Kremlin’s favorite hack-and-leak spy groups — Star Blizzard — has developed its very first custom backdoor.

darkreading

Threat Actors Team Up for Post-Holiday Phishing Email Surge

Just like you and me, cyberattackers returned from winter break and immediately started sending thousands of emails.

darkreading

Citrix Discovers 2 Vulnerabilities, Both Exploited in the Wild

These vulnerabilities are the second and third for Citrix but are not expected to be as detrimental as “CitrixBleed.”

darkreading

Attackers Could Eavesdrop on AI Conversations on Apple, AMD, Imagination and Qualcomm GPUs

Security researchers from Trail of Bits identified a GPU memory vulnerability they called LeftoverLocals. Some affected GPU vendors have issued fixes.

Security | TechRepublic

Malicious Extortion Bot Targets Publicly Exposed PostgreSQL and MySQL Databases

The bot gains access to the databases, deletes all tables and databases, and leaves a ransom note demanding payment for data recovery. However, the bot only saves a small portion of the data, even if the ransom is paid.

Cyware News – Latest Cyber News

Weaponized AWS SES Accounts Anchor Massive Stealth Attack

In today’s cloud, it seems, every convenience for customers is equally convenient to those who’d abuse these services for malicious purposes.

darkreading

TA866 Returns with a Large Email Campaign

The new campaign by TA866 involved a large volume of emails with attached PDFs containing OneDrive URLs that initiated a multi-step infection chain leading to a malware payload.

Cyware News – Latest Cyber News