New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution...
News
Microsoft Monthly Security Update (July 2024)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesMicrosoft Dynamics Medium RiskInformation Disclosure Windows High RiskElevation of Privilege Security...
Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak
A threat actor continued their extortion campaign against Ticketmaster on Monday by claiming to leak over 30,000 print-at-home tickets stolen...
Avast Provides DoNex Ransomware Decryptor to Victims
Law enforcement organizations have been sharing decryptor keys with victims of the DoNex ransomware since March 2024, according to antivirus...
Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection
A majority of global manufacturers are inviting unnecessary extra cyber risk by failing to properly implement the DMARC email security...
Eldorado Ransomware Strikes Windows and Linux Networks
Security researchers have uncovered significant insights into the latest iteration of Ransomware-as-a-Service (RaaS) known as Eldorado. The sophisticated malware, designed to...
Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers
Evolve Bank & Trust, a prominent US banking-as-a-service company, has recently confirmed that a cyber-attack earlier in 2024 compromised the...
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by...
Critical Vulnerabilities in Gogs Open-Source Git Service
Security researchers have disclosed multiple vulnerabilities (CVE-2024-39930,CVE-2024-39931, CVE-2024-39932) affecting Gogs open-source Git service. The vulnerabilities have a Common Vulnerability Scoring...
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal...
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool...
HUMINT: Diving Deep into the Dark Web
Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web...
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to...
Cybersecurity Agencies Warn of China-linked APT40’s Rapid Exploit Adaptation
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint...
F5 Products Denial of Service Vulnerability
A vulnerability was identified in F5 Products. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted...
Crypto Thefts Double to $1.4 Billion, TRM Labs Finds
Hacks and exploits on cryptocurrency exchanges are soaring, with twice as much money being stolen in the first half of...
10 Billion Passwords Leaked on Hacking Forum
Nearly 10 billion unique passwords have been leaked on a cybercrime forum, putting online users across the world at risk...
Mekotio Trojan Targets Latin American Banking Credentials
A new analysis has shed light on the threat posed by the Mekotio banking trojan, a sophisticated piece of malware primarily...
Cisco Warns regreSSHion Vulnerability Impacts Multiple Products
Cisco has warned customers that a number of its products are affected by the critical OpenSSH ‘regreSSHion’ vulnerability, which was...
New APT CloudSorcerer Malware Hits Russian Targets
Cybersecurity researchers have uncovered a new advanced persistent threat (APT) targeting Russian government entities, dubbed CloudSorcerer. This sophisticated cyberespionage tool, discovered...
Russia Blocks VPN Services in Information Crackdown
In a new move to restrict access to information, the Russian government has requested the removal of several virtual private...
US-CERT Vulnerability Summary for the Week of July 1, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New APT Group “CloudSorcerer” Targets Russian Government Entities
A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud...
New Ransomware-as-a-Service ‘Eldorado’ Targets Windows and Linux Systems
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado...
