Plus: The FBI dismantles the largest-ever China-backed botnet, the DOJ charges two men with a $243 million crypto theft, Apple’s MacOS Sequoia breaks cybersecurity tools, and more. This article has been indexed from Security Latest Read the original article: Iranian…
Read more →
https://www.itsecuritynews.info/iranian-hackers-tried-to-give-hacked-trump-campaign-emails-to-dems/?utm_source=dlvr.it&utm_medium=blogger
Infosec News Online
Blog that provides latest Cyber security news and information.
Saturday, September 21, 2024
Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications
The notorious threat actor, IntelBroker, allegedly claimed responsibility for leaking internal communications from Deloitte, a leading global auditing firm. The breach reportedly occurred in September 2024, when an Apache Solr server was inadvertently exposed to the internet with default login credentials, allowing unauthorized access. Deloitte, known for its extensive work in auditing and consulting, found […]
The post Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications appeared first on Cyber Security News.
https://cybersecuritynews.com/intelbroker-deloitte-data/?utm_source=dlvr.it&utm_medium=blogger
The post Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications appeared first on Cyber Security News.
https://cybersecuritynews.com/intelbroker-deloitte-data/?utm_source=dlvr.it&utm_medium=blogger
Friday, September 20, 2024
Disney to Stop Using Slack Following Hack that Exposed Company Data
In a major move, the Walt Disney Company announced that it would no longer use Slack for in-house company communication. This decision comes months after a hack that leaked over a terabyte of company data to the public. According to a memo obtained by CNBC, Disney Chief Financial Officer Hugh Johnston informed employees and cast […]
The post Disney to Stop Using Slack Following Hack that Exposed Company Data appeared first on Cyber Security News.
https://cybersecuritynews.com/disney-to-stop-using-slack/?utm_source=dlvr.it&utm_medium=blogger
The post Disney to Stop Using Slack Following Hack that Exposed Company Data appeared first on Cyber Security News.
https://cybersecuritynews.com/disney-to-stop-using-slack/?utm_source=dlvr.it&utm_medium=blogger
Star Health Data Leak: 31 Million Customers’ Data Exposed via Telegram
India’s largest health insurance provider, Star Health, and Allied Insurance, recently experienced a significant data breach, resulting in the exposure of sensitive personal information belonging to more than 31 million customers. This breach has been facilitated through chatbots on the popular messaging app Telegram, raising serious concerns about data security and the misuse of technology […]
The post Star Health Data Leak: 31 Million Customers’ Data Exposed via Telegram appeared first on Cyber Security News.
https://cybersecuritynews.com/star-health-data-leak/?utm_source=dlvr.it&utm_medium=blogger
The post Star Health Data Leak: 31 Million Customers’ Data Exposed via Telegram appeared first on Cyber Security News.
https://cybersecuritynews.com/star-health-data-leak/?utm_source=dlvr.it&utm_medium=blogger
CISA Releases Six New Advisories For Industrial Control Systems
The Cybersecurity and Infrastructure Security Agency (CISA) has issued six new advisories concerning industrial control systems (ICS) on September 19, 2024. These advisories highlight critical vulnerabilities in various ICS products, offering crucial information for users to safeguard their systems against potential threats. Rockwell Automation RSLogix 5 And RSLogix 500 CISA’s advisory on Rockwell Automation’s RSLogix […]
The post CISA Releases Six New Advisories For Industrial Control Systems appeared first on Cyber Security News.
https://cybersecuritynews.com/cisa-industrial-control-systems-advisories/?utm_source=dlvr.it&utm_medium=blogger
The post CISA Releases Six New Advisories For Industrial Control Systems appeared first on Cyber Security News.
https://cybersecuritynews.com/cisa-industrial-control-systems-advisories/?utm_source=dlvr.it&utm_medium=blogger
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks.
Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and
https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html?utm_source=dlvr.it&utm_medium=blogger
Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and
https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html?utm_source=dlvr.it&utm_medium=blogger
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild.
The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0.
"Path Traversal in the Ivanti CSA before 4.6 Patch
https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html?utm_source=dlvr.it&utm_medium=blogger
The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0.
"Path Traversal in the Ivanti CSA before 4.6 Patch
https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html?utm_source=dlvr.it&utm_medium=blogger
Thursday, September 19, 2024
CISA boss: Makers of insecure software are the real cyber villains
Write better code, urges Jen Easterly. And while you’re at it, give crime gangs horrible names like ‘Evil Ferret’ Software developers who ship buggy, insecure code are the real villains in the cyber crime story, Jen Easterly, boss of the…
Read more →
https://www.itsecuritynews.info/cisa-boss-makers-of-insecure-software-are-the-real-cyber-villains/?utm_source=dlvr.it&utm_medium=blogger
Read more →
https://www.itsecuritynews.info/cisa-boss-makers-of-insecure-software-are-the-real-cyber-villains/?utm_source=dlvr.it&utm_medium=blogger
Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw
Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability, tracked as CVE-2024-8963 (CVSS score…
Read more →
https://www.itsecuritynews.info/ivanti-warns-of-a-new-actively-exploited-cloud-services-appliance-csa-flaw/?utm_source=dlvr.it&utm_medium=blogger
Read more →
https://www.itsecuritynews.info/ivanti-warns-of-a-new-actively-exploited-cloud-services-appliance-csa-flaw/?utm_source=dlvr.it&utm_medium=blogger
New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system.
"The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le
https://thehackernews.com/2024/09/new-teamtnt-cryptojacking-campaign.html?utm_source=dlvr.it&utm_medium=blogger
"The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le
https://thehackernews.com/2024/09/new-teamtnt-cryptojacking-campaign.html?utm_source=dlvr.it&utm_medium=blogger
Subscribe to:
Posts (Atom)