Sunday, July 21, 2024

Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More

The weekly cyber security newsletter is an essential update that serves as a crucial intelligence briefing for the cybersecurity community. It summarizes developments so that security professionals, organizations, and individuals can stay ahead of new security threats. The range […]


The post Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More appeared first on Cyber Security News.


https://cybersecuritynews.com/weekly-cyber-security-news-letter/?utm_source=dlvr.it&utm_medium=blogger

On Entrust? Imperva has your back!

Managing SSL/TLS certificates is a critical yet complex task for any organization. Certificates ensure secure communication between users and your web applications, but maintaining them involves constant vigilance and expertise. From monitoring expiration dates to renewing and deploying new certificates,…



https://www.itsecuritynews.info/on-entrust-imperva-has-your-back/?utm_source=dlvr.it&utm_medium=blogger

Week in review: CrowdStrike update causes widespread IT outage, critical Splunk Enterprise flaw

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos. Faulty CrowdStrike update takes out Windows machines worldwide: Thousands and possibly millions of Windows computers and servers worldwide have been made inoperable by a faulty…



https://www.itsecuritynews.info/week-in-review-crowdstrike-update-causes-widespread-it-outage-critical-splunk-enterprise-flaw/?utm_source=dlvr.it&utm_medium=blogger

Life360 – 442,519 breached accounts

In July 2024, data scraped from a misconfigured Life360 API was posted online after being obtained several months earlier. The records included 443k unique email addresses and in most cases, corresponding names and phone numbers (some records were null or…



https://www.itsecuritynews.info/life360-442519-breached-accounts/?utm_source=dlvr.it&utm_medium=blogger

Saturday, July 20, 2024

Hackers Exploit CrowdStrike Issues to Launch RemCos Malware on Windows

On July 19, 2024, CrowdStrike identified an issue in a content update for the Falcon sensor affecting Windows operating systems. A fix was promptly deployed. Threat actors are now actively exploiting this incident to target CrowdStrike customers through various malicious activities, such as sending phishing emails posing as CrowdStrike support to customers and impersonating CrowdStrike staff in phone […]




https://cybersecuritynews.com/threat-actor-exploits-crowdstrike-falcon-sensor-issues/?utm_source=dlvr.it&utm_medium=blogger

FIN7 Hacking Group Sells Custom Tool “AvNeutralizer” to Evade Endpoint Protection

  The notorious FIN7 hacking group has been identified selling a custom tool called “AvNeutralizer,” designed to bypass detection by disabling enterprise endpoint protection software on corporate networks. Believed to be a Russian hacking group active since 2013, FIN7 initially…



https://www.itsecuritynews.info/fin7-hacking-group-sells-custom-tool-avneutralizer-to-evade-endpoint-protectiono/?utm_source=dlvr.it&utm_medium=blogger

Get a Babbel subscription for 78% off – the lowest price of the year

Save $469 on a Babbel Language Learning subscription and learn 14 new languages with this deal — the lowest price we’ve seen.



https://www.itsecuritynews.info/get-a-babbel-subscription-for-78-off-the-lowest-price-of-the-year/?utm_source=dlvr.it&utm_medium=blogger

I tested Samsung’s new Copilot+ PC, and it stands out from the crowd in 3 major ways

The Galaxy Book 4 Edge Copilot+ PC is a flagship laptop with a gorgeous display, impressive performance, and deep integration with Samsung’s ecosystem of devices.



https://www.itsecuritynews.info/i-tested-samsungs-new-copilot-pc-and-it-stands-out-from-the-crowd-in-3-major-ways/?utm_source=dlvr.it&utm_medium=blogger

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.

Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate.
The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said. "The arrest is part of


https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html?utm_source=dlvr.it&utm_medium=blogger

Friday, July 19, 2024

CrowdStrike Releases Fix for Updates Causing Windows to Enter BSOD Loop

CrowdStrike has issued a fix for a problematic update that caused numerous Windows systems to experience the Blue Screen of Death (BSOD), rendering them inoperable. This issue, which did not affect Mac or Linux hosts, was not a result of a security incident or cyberattack but stemmed from a defect in a single content update […]




https://cybersecuritynews.com/crowdstrike-fix-for-bsod-error-update/?utm_source=dlvr.it&utm_medium=blogger

Learn a new language with over 50% off a lifetime subscription to Rosetta Stone

Get access to language lessons in Spanish, French, Chinese, and more at a big discount right now.



https://www.itsecuritynews.info/learn-a-new-language-with-over-50-off-a-lifetime-subscription-to-rosetta-stone/?utm_source=dlvr.it&utm_medium=blogger

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information.
These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said.
Targets of the ongoing campaign


https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html?utm_source=dlvr.it&utm_medium=blogger

SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software

SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code.
Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining four weaknesses have been rated High in severity, with each of them having a CVSS


https://thehackernews.com/2024/07/solarwinds-patches-11-critical-flaws-in.html?utm_source=dlvr.it&utm_medium=blogger

WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach

Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets.
"A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and


https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html?utm_source=dlvr.it&utm_medium=blogger

Thursday, July 18, 2024

Novel Chinese Browser Injector Lets Hackers Intercept Web Traffic

Hackers exploit browser injectors to manipulate web content, steal sensitive information, and hijack user sessions. By injecting malicious code into a user’s browser, they can facilitate a multitude of illicit activities. In addition, they will do so by leveraging the user’s trust in their browser. Cybersecurity researchers at ESET recently identified a novel Chinese browser […]




https://cybersecuritynews.com/novel-chinese-browser-injector/?utm_source=dlvr.it&utm_medium=blogger

Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver

Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts.
The malware, dubbed HotPage, gets its name from the eponymous installer ("HotPage.exe"), according to new findings from ESET.
The


https://thehackernews.com/2024/07/alert-hotpage-adware-disguised-as-ad.html?utm_source=dlvr.it&utm_medium=blogger

INTERPOL Takes Down West African Organized Crime Groups

Operation Jackal III has successfully targeted West African organized crime groups, including the notorious Black Axe syndicate. From April 10 to July 3, the operation spanned 21 countries across five continents. The coordinated effort led to the arrest of approximately 300 suspects, the identification of over 400 additional individuals, and the blocking of more than […]




https://cybersecuritynews.com/interpol-taken-down-west-african/?utm_source=dlvr.it&utm_medium=blogger

Meta Halts AI Use in Brazil Following Data Protection Authority's Ban

Meta has suspended the use of generative artificial intelligence (GenAI) in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy.
The development was first reported by news agency Reuters.
The company said it has decided to suspend the tools while it is in talks with Brazil's National Data Protection Authority (ANPD) to address the


https://thehackernews.com/2024/07/meta-halts-ai-use-in-brazil-following.html?utm_source=dlvr.it&utm_medium=blogger

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users.
The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0.
"This vulnerability is due to improper


https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html?utm_source=dlvr.it&utm_medium=blogger

Wednesday, July 17, 2024

North Korean Hackers Update BeaverTail Malware to Target MacOS Users

Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers.
The artifact in question is an Apple macOS disk image (DMG) file named "MiroTalk.dmg" that mimics the legitimate video call service of the same name,


https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html?utm_source=dlvr.it&utm_medium=blogger

Resonance Security Launches Harmony to Help Businesses Combat Web2 and Web3 App Threats

Cybersecurity firm Resonance Security has rolled out ‘Harmony’, a new asset monitoring tool to guard Web2 and Web3 apps from major threats.  The launch comes as cybersecurity threats are getting tougher and more complex. Traditional security measures often can’t keep up with evolving risks, causing serious financial and reputational harm.  With $1.5 million in pre-seed […]




https://cybersecuritynews.com/combat-web2-and-web3-app-threats/?utm_source=dlvr.it&utm_medium=blogger

FIN7 Hackers Employ New Tools to Bypass EDR & Conduct Automated Attacks

The notorious cybercrime group FIN7 has once again made headlines with the development of new tools designed to bypass Endpoint Detection and Response (EDR) solutions and conduct automated attacks. This revelation underscores the group’s continued evolution and sophistication in the cybercrime landscape. FIN7, also known as Carbanak, has been active since at least 2012 and […]




https://cybersecuritynews.com/fin7-bypass-edr-solutions/?utm_source=dlvr.it&utm_medium=blogger

China-linked APT17 Targets Italian Companies with 9002 RAT Malware

A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT.
The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week.
"The first campaign on June 24, 2024 used an Office document, while the second


https://thehackernews.com/2024/07/china-linked-apt17-targets-italian.html?utm_source=dlvr.it&utm_medium=blogger

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks.
Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in the Gremlin graph traversal language API.
"Users are


https://thehackernews.com/2024/07/critical-apache-hugegraph-vulnerability.html?utm_source=dlvr.it&utm_medium=blogger

Tuesday, July 16, 2024

Massive Data of 361M Unique Emails & Passwords Up For Sale on Telegram

Cybersecurity researchers discovered one of the largest data breaches in history, with 361 million unique emails, usernames, and passwords now available for sale on dark web forums. The massive dataset, totaling 122 GB and containing 2 billion rows of data across 1,700 files, is being offered for a mere $500 through an exclusive Telegram channel. […]




https://cybersecuritynews.com/massive-data-of-361m-emails-passwords/?utm_source=dlvr.it&utm_medium=blogger

All-in-One: How Cynet is Revolutionizing Cybersecurity for MSPs

Managed Services Providers (MSPs) are increasingly looking to provide cybersecurity services due to the demand from their current clients. Though the revenue potential is lucrative, the road for many MSPs to transition into a Managed Security Services Provider (MSSP) is perceived as difficult, time-consuming and expensive.  Cynet’s All-in-One Cybersecurity Platform offers a compelling solution to this […]




https://cybersecuritynews.com/cynet-is-revolutionizing-cybersecurity-for-msps/?utm_source=dlvr.it&utm_medium=blogger

FBI Successfully Unlocks Password-protected Trump Shooting Suspect’s Phone

The FBI revealed on Monday that they have achieved access to the phone of the alleged shooter, Thomas Matthew Crooks, marking a notable breakthrough in the probe of the recent assassination attempt on former President Donald Trump. The 20-year-old suspect, who was shot dead by Secret Service agents during the incident, had opened fire at […]




https://cybersecuritynews.com/fbi-unlocks-trump-shooting-suspects-phone/?utm_source=dlvr.it&utm_medium=blogger

Malware Dissection with Gemini 1.5 Flash model in 12.72 seconds

The ability to swiftly and accurately analyze malware is paramount. Traditional reverse engineering and code analysis methods are often too slow to keep pace with the sheer volume of new threats. Enter Gemini 1.5 Flash, Google’s latest lightweight and cost-effective model, designed to revolutionize malware analysis with remarkable speed and efficiency. In this article, we […]




https://cybersecuritynews.com/malware-dissection-with-gemini/?utm_source=dlvr.it&utm_medium=blogger

GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks

Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories.
JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub.
"This


https://thehackernews.com/2024/07/github-token-leak-exposes-pythons-core.html?utm_source=dlvr.it&utm_medium=blogger

Monday, July 15, 2024

ZDI shames Microsoft for – yet another – coordinated vulnerability disclosure snafu

‘It seems like they really don’t have a full grasp of what’s going on with this patch’. Exclusive: A Microsoft zero-day exploit that Trend Micro’s Zero Day Initiative team claims it found and reported to Redmond in May was disclosed…



https://www.itsecuritynews.info/zdi-shames-microsoft-for-yet-another-coordinated-vulnerability-disclosure-snafu/?utm_source=dlvr.it&utm_medium=blogger

Unveiling the Mule Accounts Menace in Modern Money Laundering

  In a recent statement, a member of the RBI’s board of governors has urged banks to step up efforts against mule accounts. According to Piyush Shukla, money mules in India do much more than move money. A MULE ACCOUNT…



https://www.itsecuritynews.info/unveiling-the-mule-accounts-menace-in-modern-money-laundering/?utm_source=dlvr.it&utm_medium=blogger

Threat Actors Claim Breach of 1.1TB of Disney’s Internal Slack Chats

Threat actors have claimed responsibility for a massive data breach involving 1.1TB of Disney’s internal Slack chats. The breach, first reported on July 12 by a hacktivist named NullBulge on a dark web forum, has sent ripples through the cybersecurity community and raised concerns about the security of corporate communication platforms. The original post, shown […]




https://cybersecuritynews.com/disneys-internal-slack-chats/?utm_source=dlvr.it&utm_medium=blogger

Google to Acquire Cybersecurity Firm Wiz for $23 Billion

Google is reportedly in advanced discussions to acquire the cloud security firm Wiz for a staggering $23 billion. The Wall Street Journal broke the news on Sunday, citing sources familiar with the matter. If finalized, this acquisition would mark Google’s largest purchase, underscoring its commitment to enhancing its cybersecurity infrastructure amid growing threats from nation-state […]




https://cybersecuritynews.com/google-to-acquire-cybersecurity-firm/?utm_source=dlvr.it&utm_medium=blogger

New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection

Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts.
"Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection," Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis.
"The passphrase needs to be provided during


https://thehackernews.com/2024/07/new-hardbit-ransomware-40-uses.html?utm_source=dlvr.it&utm_medium=blogger

Sunday, July 14, 2024

Get Microsoft Office 2021 for Windows for $40 – lowest price of the year

Pay just once and get a lifetime license to the Microsoft Office 2021 app suite (including Word, Excel, and PowerPoint) on your PC for 81% off right now (there’s a deal for a Mac version, too).



https://www.itsecuritynews.info/get-microsoft-office-2021-for-windows-for-40-lowest-price-of-the-year/?utm_source=dlvr.it&utm_medium=blogger

Wireshark 4.2.6 Released, (Sun, Jul 14th)

Wireshark release 4.2.6 fixes 1 vulnerability (SPRT parser crash) and 10 bugs. Source: SANS Internet Storm Center, InfoCON: green.



https://www.itsecuritynews.info/wireshark-4-2-6-released-sun-jul-14th/?utm_source=dlvr.it&utm_medium=blogger

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)

The weekly cyber security newsletter is a brief summary of the most recent threats, vulnerabilities, and innovations in the digital security space. This weekly drill encourages a deeper comprehension of the quick-changing malicious tactics and threat environment by facilitating timely adjustments to security protocols. Eventually, this helps organizations and individuals to maintain stronger […]




https://cybersecuritynews.com/cyber-security-news-weekly-round-up-7/?utm_source=dlvr.it&utm_medium=blogger

Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos. Hackers stole call, text records of “nearly all” of AT&T’s cellular customers: Hackers leveraging stolen Snowflake account credentials have stolen records of calls and texts…



https://www.itsecuritynews.info/week-in-review-radius-protocol-critical-vuln-microsoft-0-day-exploited-for-a-year-att-breach/?utm_source=dlvr.it&utm_medium=blogger

Disney’s Internal Slack Breached? NullBulge Leaks 1.1 TiB of Data

Hacktivist group NullBulge claims to have breached Disney, leaking 1.1 TiB of internal Slack data. The leak allegedly… Source: Hackread.



https://www.itsecuritynews.info/disneys-internal-slack-breached-nullbulge-leaks-1-1-tib-of-data/?utm_source=dlvr.it&utm_medium=blogger

Saturday, July 13, 2024

Samsung will give you a $300 gift card when you preorder the Galaxy Z Fold 6 – how to easily qualify

Samsung unveiled the new Galaxy Z Fold and Z Flip 6 at Unpacked this week, and when you preorder one, you can get an Amazon gift card of up to $300.



https://www.itsecuritynews.info/samsung-will-give-you-a-300-gift-card-when-you-preorder-the-galaxy-z-fold-6-how-to-easily-qualify/?utm_source=dlvr.it&utm_medium=blogger

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to “nearly all” of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T’s wireless network. “Threat actors unlawfully accessed…



https://www.itsecuritynews.info/att-confirms-data-breach-affecting-nearly-all-wireless-customers/?utm_source=dlvr.it&utm_medium=blogger

Get a Microsoft Visual Studio Pro license for 92% off

Code faster and work smarter with a Microsoft Visual Studio Professional 2022 license, currently on sale for $35.



https://www.itsecuritynews.info/get-a-microsoft-visual-studio-pro-license-for-92-off/?utm_source=dlvr.it&utm_medium=blogger

Critical Exim Mail Server Vulnerability Impacts 1.5 Million Email Servers

According to recent findings by security researchers, more than 1.5 million email servers are currently vulnerable to a critical security flaw in the Exim mail transfer agent (MTA). Exim is a free mail transfer agent used on hosts running Unix or Unix-like operating systems. It was first released in 1995 for use […]




https://cybersecuritynews.com/exim-mali-server-vulnerability/?utm_source=dlvr.it&utm_medium=blogger

AT&T Massive Data Breach – Affecting Nearly All Customers’ Call & Text Records

AT&T, one of the largest telecommunications companies in the United States, has disclosed a significant data breach that exposed the call and text records of nearly all its cellular customers. The company revealed this information in a regulatory filing on July 12, 2024. The breach, which occurred between April 14 and April 25, 2024, involved […]




https://cybersecuritynews.com/att-reveals-massive-data-breach/?utm_source=dlvr.it&utm_medium=blogger

Friday, July 12, 2024

FishXProxy Fuels Phishing Attacks with Clever Deceptive Attacks

Imagine receiving an email that looks legitimate, down to the last detail. This is the deceptive power of the new FishXProxy Phishing Kit, a sophisticated toolkit emerging from underground cybercrime. With its advanced features, FishXProxy dismantles the technical barriers traditionally associated with phishing campaigns, making it alarmingly simple for attackers to deceive and exploit unsuspecting […]




https://cybersecuritynews.com/fishxproxy-fuels-phishing-attacks/?utm_source=dlvr.it&utm_medium=blogger

4000+ Domains Used By FIN7 Actors Mimic Popular Brands

Russian-linked FIN7 (aka Sangria Tempest, ATK32, Carbon Spider, Coreid, ELBRUS, G0008, G0046, and GOLD NIAGARA) is a financial cybercrime group that has been around since 2013 and specifically targets US industries. To achieve this goal, it uses spearphishing, ransomware, malicious browser extensions, and drive-by compromises. Even after repeated attempts to bring them down, […]




https://cybersecuritynews.com/fin7-domains-mimic-brands-uncovered/?utm_source=dlvr.it&utm_medium=blogger

China’s APT41 crew adds a stealthy malware loader and fresh backdoor to its toolbox

Meet DodgeBox, son of StealthVector. Chinese government-backed cyber espionage gang APT41 has very likely added a loader dubbed DodgeBox and a backdoor named MoonWalk to its malware toolbox, according to cloud security service provider Zscaler’s ThreatLabz research team.…



https://www.itsecuritynews.info/chinas-apt41-crew-adds-a-stealthy-malware-loader-and-fresh-backdoor-to-its-toolbox/?utm_source=dlvr.it&utm_medium=blogger

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass.
Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.
"Missing authentication


https://thehackernews.com/2024/07/palo-alto-networks-patches-critical.html?utm_source=dlvr.it&utm_medium=blogger

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign that began in August 2023, while also adding a new layer of stealth to evade detection.
The fresh packages, about 60 in number and spanning 290 versions, demonstrate a refined approach from the previous set that came to light in October 2023, software supply


https://thehackernews.com/2024/07/60-new-malicious-packages-uncovered-in.html?utm_source=dlvr.it&utm_medium=blogger

Thursday, July 11, 2024

CISA Warns of Hackers Exploiting OS Command Injection Vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have raised alarms about hackers exploiting OS command injection vulnerabilities. These vulnerabilities, a constant issue in software products, pose essential risks to users and organizations. The alert comes in response to recent threat actor campaigns that have successfully targeted and compromised […]




https://cybersecuritynews.com/cisa-warns-of-hackers-exploiting-os-command-injection/?utm_source=dlvr.it&utm_medium=blogger