Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator

/in

Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.

Cyware News – Latest Cyber News – ​Read More

Meet Brain Cipher — The New Ransomware Behind Indonesia’s Data Center Attack

/in

Brain Cipher ransomware has been uploaded to various malware-sharing sites, created using the leaked LockBit 3.0 builder. The encryptor used by Brain Cipher appends an extension and encrypts the file name of the encrypted files.

Cyware News – Latest Cyber News – ​Read More

Juniper Networks Warns of Critical Authentication Bypass Vulnerability

/in

Juniper Networks warns of a critical authentication bypass flaw impacting Session Smart routers and conductors.

The post Juniper Networks Warns of Critical Authentication Bypass Vulnerability appeared first on SecurityWeek.

SecurityWeek – ​Read More

Threat Actors Actively Exploit D-Link DIR-859 Router Flaw

/in

The flaw, which has a CVSS score of 9.8, allows threat actors to perform path traversal attacks and gain unauthorized access to sensitive information, including user passwords.

Cyware News – Latest Cyber News – ​Read More

Juniper Releases Out-of-Cycle Fix for Max Severity Authentication Bypass Flaw

/in

Juniper Networks has released an emergency update to address a severe vulnerability in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products.

Cyware News – Latest Cyber News – ​Read More

TeamViewer Hack Officially Attributed to Russian Cyberspies

/in

TeamViewer has confirmed that the Russian cyberespionage group APT29 appears to be behind the recent hack.

The post TeamViewer Hack Officially Attributed to Russian Cyberspies appeared first on SecurityWeek.

SecurityWeek – ​Read More

Juniper Networks Releases Critical Security Update for Routers

/in

Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers.
The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity.
“An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or Conductor

The Hacker News – ​Read More

Generative AI is new attack vector endangering enterprises, says CrowdStrike CTO

/in

Gen AI opens up all kinds of opportunities to obtain sensitive data without even building malware.

Latest stories for ZDNET in Security – ​Read More

The dangers of voice fraud: We can’t detect what we can’t see

/in

Effectively combating voice fraud requires a combination of education, caution, business practices, technology and government regulation.Read More

Security News | VentureBeat – ​Read More

Mirai-like Botnet Targets Zyxel NAS Devices in Europe for DDoS Attacks

/in

Beware, Zyxel customers, and keep your devices up to date.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More