Cyber Security News

Attackers, including nation-state actors, increasingly leverage legitimate cloud services for espionage operations, exploiting their low-profile and cost-effective nature.  The services, such as Microsoft OneDrive and Google Drive, evade detection by masquerading as trusted entities, thereby enabling covert data exfiltration and tool development.  Researchers discovered a novel Go-based backdoor, GoGra, deployed against a South Asian media […]

The post Hackers Leveraging OneDrive & Google Drive To Hide Malicious Traffic appeared first on Cyber Security News.

A critical vulnerability, designated as CVE-2024-42219, has been identified in 1Password 8 for Mac. This flaw allows malicious actors to exfiltrate vault items by bypassing the app’s platform security protections. Robinhood’s Red Team responsibly disclosed the issue following an independent security assessment of 1Password for Mac. CVE-2024-42219 – The Vulnerability The vulnerability affects the inter-process […]

The post 1Password Vulnerability Let Attackers Exfiltrate Vault Items appeared first on Cyber Security News.

A newly surfaced cybercampaign targeting Israeli users has thrust the sophisticated RHADAMANTHYS information stealer into the spotlight. Originating from Russian-speaking cybercriminals and offered as a Malware-as-a-Service, RHADAMANTHYS excels at data exfiltration.  Recent samples and in-depth analysis reveal a complex infection chain and extensive payload capabilities, highlighting the evolving threat landscape and underscoring the need for […]

The post RHADAMANTHYS Stealer Weaponizing RAR Archive To Steal Login Credentials appeared first on Cyber Security News.

The Apache CloudStack project has announced the release of long-term support (LTS) security updates, versions 4.18.2.3 and 4.19.1.1, which address two critical vulnerabilities, CVE-2024-42062 and CVE-2024-42222. These vulnerabilities pose significant risks to the integrity, confidentiality, and availability of CloudStack-managed infrastructure. CVE-2024-42062: User Key Exposure to Domain Admins CVE-2024-42062 is a critical vulnerability that affects Apache […]

The post Apache Cloudstack Vulnerability Exposes API & Secret Keys to Admin Accounts appeared first on Cyber Security News.

Mozilla has released Firefox 129, addressing multiple high-severity vulnerabilities. These patches are critical for enhancing the browser’s security and protecting users from potential exploits. Detailed Vulnerability Table The latest Firefox update patches several critical vulnerabilities, each significantly impacting user security. Below is a summary of the most notable issues: How to Build a Security Framework […]

The post Firefox Patches Multiple High Severity Vulnerabilities appeared first on Cyber Security News.

Phishing is the most effective method for an attacker to infiltrate an organization. Several attack methods and techniques are available for an attacker to send a phishing email. On the other hand, email clients such as Outlook or Gmail also have security measures to warn users whenever they receive an unknown email. One such security […]

The post Microsoft 365 Anti-phishing Feature Bypassed Using CSS Style Tags appeared first on Cyber Security News.

Kibana, a popular open-source data visualization and exploration tool, has identified a critical security flaw that could allow attackers to execute arbitrary code. This vulnerability, tracked as CVE-2024-37287, has a CVSSv3 severity rating of 9.9, indicating its critical nature. CVE-2024-37287 – Vulnerability Details The flaw arises from a prototype pollution vulnerability that can be exploited […]

The post Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Google has released a critical security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could allow attackers to execute malicious code on users’ systems. The update, version 127.0.6533.99/.100 for Windows and Mac, and 127.0.6533.99 for Linux, was announced on August 6, 2024, and is currently being rolled out to users worldwide. The most […]

The post Multiple Chrome Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.

Cybersecurity giant CrowdStrike has released a comprehensive technical root cause analysis detailing the events that led to a problematic Falcon sensor update on July 19, 2024. The incident caused system crashes for some Windows users and prompted a swift response from the company. The investigation shows that the problem came from a complicated interaction of […]

The post CrowdStrike Publishes Technical Root Cause Analysis of Faulty Falcon Update appeared first on Cyber Security News.

Researchers from LevelBlue Labs have uncovered a new tactic threat actors employ to hijack legitimate anti-virus software for malicious purposes. This sophisticated attack leverages a tool named SbaProxy, which masquerades as a legitimate anti-virus component to establish proxy connections through a command and control (C&C) server. SbaProxy is a new tool in the threat actor’s evolving toolkit, […]

The post Hackers Hijack Anti-Virus Software Using SbaProxy Hacking Tool appeared first on Cyber Security News.

Samsung has significantly increased its bug bounty program as part of its ongoing efforts to enhance mobile security. The tech giant is now offering rewards of up to $1 million for researchers who can demonstrate critical vulnerabilities in its mobile devices, particularly those related to arbitrary code execution on highly privileged targets. This new initiative, […]

The post Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities appeared first on Cyber Security News.

The Western Digital Discovery app, a well-known provider of storage devices, has a vulnerability identified as CVE 2024-22169 with a CVSS base score of 7.1 that allows for code execution. The security vulnerability arises due to the Node.js environment settings in the WD Discovery App. Utilizing the ELECTRON_RUN_AS_NODE environment variable might allow code execution.   In […]

The post Western Digital’s WD Discovery App Flaw Allows Code Execution appeared first on Cyber Security News.

A new ransomware, dubbed CryptoKat, has emerged on the dark web, stirring significant concern within the cybersecurity community. The ransomware was first reported by the cybersecurity analyst MonThreat on their social media platform X, highlighting its advanced features and potential threat level. How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free […]

The post New Cryptokat Ransomware Released Allegedly Claiming Fast Encryption appeared first on Cyber Security News.

Hunters International has deployed a novel C# malware dubbed SharpRhino as an initial infection vector and persistent Remote Access Trojan (RAT).  Delivered through a typosquatting domain that looks like an Angry IP Scanner, SharpRhino uses techniques that have never been seen before to increase privileges, let the group move laterally without any problems, and then […]

The post Network Admins Beware! SharpRhino Ransomware Attacking Mimic As Angry IP Scanner appeared first on Cyber Security News.

Scalable package scanning within PyPi and npm using GuardDog software identified two malicious packages linked to a DPRK-aligned threat actor cluster dubbed “Stressed Pungsan.”  The cluster strongly aligns with Microsoft’s MOONSTONE SLEET, indicating a sophisticated supply chain attack vector. The packages are initial access points for malware distribution, enabling data exfiltration, credential theft, and lateral […]

The post North Korean Hackers Attacking Windows Users With Weaponized npm Files appeared first on Cyber Security News.

Hackers often target Window Smart App Control and SmartScreen security flaws to launch malicious code and applications for their illicit purposes. Threat actors aiming to undermine Windows security features can use these vulnerabilities to seize illicit access, steal sensitive data, and compromise system integrity. Cybersecurity researchers at Elastic Security Labs discovered Windows Smart App Control […]

The post Windows Smart App Control & SmartScreen Flaw Let Hackers Hijack Systems appeared first on Cyber Security News.

The Android Security Bulletin for August 2024 details vulnerabilities addressed by the 2024-08-05 security patch level.  The most critical issue is a high-severity vulnerability in the Framework component, which could potentially allow local privilege escalation without additional execution privileges.  Android partners were notified a month before, and source code patches will be released to the […]

The post Google Patches Actively Exploited Android Kernel Zero-Day Patched appeared first on Cyber Security News.

Researchers have introduced a novel threat detection model designed specifically for serverless cloud environments. This innovative approach leverages cloud providers’ native monitoring tools to detect anomalous behavior in serverless applications, providing a robust and efficient solution for identifying compromised serverless functions. Serverless computing has emerged as a popular cloud computing paradigm. It enables organizations to […]

The post New Threat Detection Model Detects Threats in Serverless Cloud With 0.003 False Rate appeared first on Cyber Security News.

A new ransomware variant named Doubleface has been announced by its creators. The ransomware, which boasts a range of sophisticated features, claims to be fully undetectable by major antivirus software. According to a Dark Web Informer tweet, Threat actors announced Doubleface Ransomware that claims fully undetectable. How to Build a Security Framework With Limited Resources […]

The post Threat Actors Announced Doubleface Ransomware, Claims Fully Undetectable appeared first on Cyber Security News.

A critical vulnerability identified as CVE-2024-6915 has been discovered in JFrog Artifactory, a widely used repository manager. This flaw, categorized under CWE-20 (Improper Input Validation), allows attackers to poison artifact caches, potentially leading to severe security breaches. CVE-2024-6915: Cache Poisoning The vulnerability has been marked as ‘Critical’ and was published and updated on August 5, […]

The post Jfrog Artifactory Flaw Let Attackers Poison Artifact Caches appeared first on Cyber Security News.