Iranian Hackers Tried to Give Hacked Trump Campaign Emails to Dems

Plus: The FBI dismantles the largest-ever China-backed botnet, the DOJ charges two men with a $243 million crypto theft, Apple’s MacOS Sequoia breaks cybersecurity tools, and more. This article has been indexed from Security Latest Read the original article: Iranian…

Read more →


https://www.itsecuritynews.info/iranian-hackers-tried-to-give-hacked-trump-campaign-emails-to-dems/?utm_source=dlvr.it&utm_medium=blogger

Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications

The notorious threat actor, IntelBroker, allegedly claimed responsibility for leaking internal communications from Deloitte, a leading global auditing firm. The breach reportedly occurred in September 2024, when an Apache Solr server was inadvertently exposed to the internet with default login credentials, allowing unauthorized access. Deloitte, known for its extensive work in auditing and consulting, found […]


The post Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Internal Communications appeared first on Cyber Security News.


https://cybersecuritynews.com/intelbroker-deloitte-data/?utm_source=dlvr.it&utm_medium=blogger

Disney to Stop Using Slack Following Hack that Exposed Company Data

In a major move, the Walt Disney Company announced that it would no longer use Slack for in-house company communication. This decision comes months after a hack that leaked over a terabyte of company data to the public. According to a memo obtained by CNBC, Disney Chief Financial Officer Hugh Johnston informed employees and cast […]


The post Disney to Stop Using Slack Following Hack that Exposed Company Data appeared first on Cyber Security News.


https://cybersecuritynews.com/disney-to-stop-using-slack/?utm_source=dlvr.it&utm_medium=blogger

Star Health Data Leak: 31 Million Customers’ Data Exposed via Telegram

India’s largest health insurance provider, Star Health, and Allied Insurance, recently experienced a significant data breach, resulting in the exposure of sensitive personal information belonging to more than 31 million customers. This breach has been facilitated through chatbots on the popular messaging app Telegram, raising serious concerns about data security and the misuse of technology […]


The post Star Health Data Leak: 31 Million Customers’ Data Exposed via Telegram appeared first on Cyber Security News.


https://cybersecuritynews.com/star-health-data-leak/?utm_source=dlvr.it&utm_medium=blogger

CISA Releases Six New Advisories For Industrial Control Systems

The Cybersecurity and Infrastructure Security Agency (CISA) has issued six new advisories concerning industrial control systems (ICS) on September 19, 2024. These advisories highlight critical vulnerabilities in various ICS products, offering crucial information for users to safeguard their systems against potential threats. Rockwell Automation RSLogix 5 And RSLogix 500 CISA’s advisory on Rockwell Automation’s RSLogix […]


The post CISA Releases Six New Advisories For Industrial Control Systems appeared first on Cyber Security News.


https://cybersecuritynews.com/cisa-industrial-control-systems-advisories/?utm_source=dlvr.it&utm_medium=blogger

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks.
Google-owned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and


https://thehackernews.com/2024/09/iranian-apt-unc1860-linked-to-mois.html?utm_source=dlvr.it&utm_medium=blogger

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild.
The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0.
"Path Traversal in the Ivanti CSA before 4.6 Patch


https://thehackernews.com/2024/09/critical-ivanti-cloud-appliance.html?utm_source=dlvr.it&utm_medium=blogger

CISA boss: Makers of insecure software are the real cyber villains

Write better code, urges Jen Easterly. And while you’re at it, give crime gangs horrible names like ‘Evil Ferret’ Software developers who ship buggy, insecure code are the real villains in the cyber crime story, Jen Easterly, boss of the…

Read more →


https://www.itsecuritynews.info/cisa-boss-makers-of-insecure-software-are-the-real-cyber-villains/?utm_source=dlvr.it&utm_medium=blogger

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability, tracked as CVE-2024-8963 (CVSS score…

Read more →


https://www.itsecuritynews.info/ivanti-warns-of-a-new-actively-exploited-cloud-services-appliance-csa-flaw/?utm_source=dlvr.it&utm_medium=blogger

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system.
"The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," Group-IB researchers Vito Alfano and Nam Le


https://thehackernews.com/2024/09/new-teamtnt-cryptojacking-campaign.html?utm_source=dlvr.it&utm_medium=blogger

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S.
The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832).
"Vanilla Tempest receives hand-offs from GootLoader infections by the threat actor Storm-0494,


https://thehackernews.com/2024/09/microsoft-warns-of-new-inc-ransomware.html?utm_source=dlvr.it&utm_medium=blogger

SambaSpy Attacking Windows Users With Weaponized PDF Files

Threat actors often make use of weaponized PDF files as they enable them to deliver malware and execute attacks through phishing schemes.  These PDFs can contain embedded malicious code, links, and scripts that exploit vulnerabilities in PDF readers, making them a preferred method for evading traditional security measures. Kaspersky Lab researchers recently discovered that SambaSpy […]


The post SambaSpy Attacking Windows Users With Weaponized PDF Files appeared first on Cyber Security News.


https://cybersecuritynews.com/sambaspy-windows-users-weaponized-pdf/?utm_source=dlvr.it&utm_medium=blogger

Cyber Attack on Security Firm Dr.Web Forces Servers Disconnection

In a recent cyberattack, Russian cybersecurity firm Doctor Web (Dr.Web) was forced to disconnect all its servers to mitigate the threat and ensure the safety of its infrastructure. Cyber Attack on Security Firm Dr.Web Forces Servers Disconnection The attack, which began on Saturday, September 14, 2024, was swiftly identified and managed by the company’s security […]


The post Cyber Attack on Security Firm Dr.Web Forces Servers Disconnection appeared first on Cyber Security News.


https://cybersecuritynews.com/cyber-attack-dr-web-server/?utm_source=dlvr.it&utm_medium=blogger

New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett).
The sophisticated botnet, dubbed Raptor Train by Lumen's Black Lotus Labs, is believed to have been operational since at least May 2020,


https://thehackernews.com/2024/09/new-raptor-train-iot-botnet-compromises.html?utm_source=dlvr.it&utm_medium=blogger

Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities, and private companies.
Song Wu, 39, has been charged with 14 counts of wire fraud and 14 counts of aggravated identity theft.


https://thehackernews.com/2024/09/chinese-engineer-charged-in-us-for.html?utm_source=dlvr.it&utm_medium=blogger

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in energy and aerospace verticals and infect them with a previously undocumented backdoor dubbed MISTPEN.
The activity cluster is being tracked by Google-owned Mandiant under the moniker UNC2970, which it said overlaps with a threat group known as TEMP.Hermit, which is


https://thehackernews.com/2024/09/north-korean-hackers-target-energy-and.html?utm_source=dlvr.it&utm_medium=blogger

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for remote code execution.
The vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), has been described as a heap-overflow vulnerability in the DCE/RPC protocol.
"A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a


https://thehackernews.com/2024/09/patch-issued-for-critical-vmware.html?utm_source=dlvr.it&utm_medium=blogger

VMware vCenter Server Vulnerabilities Let Attackers Execute Remote Code

VMware has disclosed two critical security vulnerabilities affecting its vCenter Server and Cloud Foundation products that could allow attackers to execute remote code and escalate privileges. The company is urging customers to patch affected systems immediately. The more critical flaw, tracked as CVE-2024-38812, is a heap-overflow vulnerability in implementing the DCERPC protocol within vCenter Server. […]


The post VMware vCenter Server Vulnerabilities Let Attackers Execute Remote Code appeared first on Cyber Security News.


https://cybersecuritynews.com/vmware-vcenter-server-remote-code/?utm_source=dlvr.it&utm_medium=blogger

VMware patches over remote make-me-root holes in vCenter Server, Cloud Foundation

Bug reports made in China Broadcom has emitted a pair of patches for vulnerabilities in VMware vCenter Server that a miscreant with network access to the software could exploit to completely commandeer a system. This also affects Cloud Foundation.… This…

Read more →


https://www.itsecuritynews.info/vmware-patches-over-remote-make-me-root-holes-in-vcenter-server-cloud-foundation/?utm_source=dlvr.it&utm_medium=blogger

Apple iOS 18 Released with Fixes for 32 Security Vulnerabilities

Apple has released iOS 18, addressing a total of 32 security vulnerabilities across various components of its operating system. This comprehensive update is available for iPhone XS and later models, as well as iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and […]


The post Apple iOS 18 Released with Fixes for 32 Security Vulnerabilities appeared first on Cyber Security News.


https://cybersecuritynews.com/ios-18-32-vulnerabilities/?utm_source=dlvr.it&utm_medium=blogger

Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts

Meta has announced that it will begin training its artificial intelligence (AI) systems using public content shared by adult users across Facebook and Instagram in the U.K. in the coming months.
"This means that our generative AI models will reflect British culture, history, and idiom, and that UK companies and institutions will be able to utilize the latest technology," the social media


https://thehackernews.com/2024/09/meta-to-train-ai-models-using-public-uk.html?utm_source=dlvr.it&utm_medium=blogger

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud.
Clipper malware, also called ClipBankers, is a type of malware that Microsoft calls cryware, which comes with capabilities to monitor a victim's clipboard activity and steal sensitive data a user copies, including


https://thehackernews.com/2024/09/binance-warns-of-rising-clipper-malware.html?utm_source=dlvr.it&utm_medium=blogger

Chinese national accused by Feds of spear-phishing for NASA, military source code

May have reeled in blueprints related to weapons development A Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army and NASA, plus other highly sensitive software used in…

Read more →


https://www.itsecuritynews.info/chinese-national-accused-by-feds-of-spear-phishing-for-nasa-military-source-code/?utm_source=dlvr.it&utm_medium=blogger

Apple Patches Major Security Flaws With iOS 18 Refresh

Apple warns that attackers can use Siri to access sensitive user data, control nearby devices, or view recent photos without authentication.  The post Apple Patches Major Security Flaws With iOS 18 Refresh appeared first on SecurityWeek. This article has been…

Read more →


https://www.itsecuritynews.info/apple-patches-major-security-flaws-with-ios-18-refresh-2/?utm_source=dlvr.it&utm_medium=blogger

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to deliver malware called RustDoor.
The latest advisory comes from Jamf Threat Labs, which said it spotted an attack attempt in which a user was contacted on the professional social network by claiming to be a recruiter for a legitimate decentralized


https://thehackernews.com/2024/09/north-korean-hackers-target.html?utm_source=dlvr.it&utm_medium=blogger

Beware of Fake AppleCare+ Service that Steals Money from Users

A malicious campaign targeting Mac users seeking support or extended warranty services through AppleCare+ has been uncovered. This scam involves perpetrators purchasing Google ads to lure victims into visiting fraudulent websites hosted on GitHub, a platform owned by Microsoft. The aim is to connect unsuspecting users with scammers posing as Apple representatives, using social engineering […]


The post Beware of Fake AppleCare+ Service that Steals Money from Users appeared first on Cyber Security News.


https://cybersecuritynews.com/fake-applecare-service/?utm_source=dlvr.it&utm_medium=blogger

U.S. Tax Reform Can Fuel AI and Cybersecurity Innovation

As the U.S. Congress thinks about the parameters of a 2025 tax package, several areas could significantly shape innovation in AI and cybersecurity and serve as a catalyst for beneficial technology breakthroughs. This article has been indexed from Cisco Blogs…

Read more →


https://www.itsecuritynews.info/u-s-tax-reform-can-fuel-ai-and-cybersecurity-innovation/?utm_source=dlvr.it&utm_medium=blogger

Azure API Management Vulnerability Let Users Escalate Privileges

A critical vulnerability was recently discovered in Azure API Management (APIM) that allowed users with Reader-level access to escalate their privileges to the equivalent of Contributor-level access. This security flaw enabled users to read, modify, and even delete configurations of the APIM resource through the Direct Management API. According to Binary Security researchers, the vulnerability […]


The post Azure API Management Vulnerability Let Users Escalate Privileges appeared first on Cyber Security News.


https://cybersecuritynews.com/azure-api-management-vulnerability/?utm_source=dlvr.it&utm_medium=blogger

YARA-X’s Dump Command, (Sun, Sep 15th)

YARA-X is not just a rewrite of YARA in Rust, it comes with new features too. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: YARA-X’s Dump Command, (Sun, Sep 15th)

Read more →


https://www.itsecuritynews.info/yara-xs-dump-command-sun-sep-15th/?utm_source=dlvr.it&utm_medium=blogger

Florida Healthcare Data Leak Exposes Thousands of Doctors and Hospitals

  A data breach at Florida-based recruitment firm MNA Healthcare has left sensitive information of over 14,000 healthcare workers and 10,000 hospitals exposed. Discovered on June 20, 2024, by the Cybernews research team, the breach was caused by a misconfiguration…

Read more →


https://www.itsecuritynews.info/florida-healthcare-data-leak-exposes-thousands-of-doctors-and-hospitals/?utm_source=dlvr.it&utm_medium=blogger

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 11

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Mythical Beasts and Where to Find Them: Mapping the Global Spyware Market and its Threats to National Security and Human Rights  …

Read more →


https://www.itsecuritynews.info/security-affairs-malware-newsletter-round-11/?utm_source=dlvr.it&utm_medium=blogger

New Linux Malware Exploiting Oracle Weblogic Servers

Oracle WebLogic Server is an application server that is primarily designed to develop, deploy, and manage enterprise applications based on Java EE and Jakarta EE standards. It serves as a critical component of Oracle’s Fusion Middleware, which provides a reliable and scalable environment. Aqua Nautilus researchers recently discovered that a new Linux malware dubbed “Hadooken” […]


The post New Linux Malware Exploiting Oracle Weblogic Servers appeared first on Cyber Security News.


https://cybersecuritynews.com/hadooken-malware-oracle-weblogic/?utm_source=dlvr.it&utm_medium=blogger

IT Security News Daily Summary 2024-09-14

CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe USENIX Security ’23 – On the Feasibility of Malware Unpacking via Hardware-assisted Loop Profiling RansomHub Ransomware: Exploiting Trusted Tools to Evade Detection U.S. CISA adds Ivanti…

Read more →


https://www.itsecuritynews.info/it-security-news-daily-summary-2024-09-14/?utm_source=dlvr.it&utm_medium=blogger

Ransomware Actors Refused to Provide Decryptor Even After Recieving Ransom Payment

  For C-suite executives and security leaders, learning that your organisation has been infiltrated by network attackers, critical systems have been locked down, and data has been compromised, followed by a ransom demand, could be the worst day of their…

Read more →


https://www.itsecuritynews.info/ransomware-actors-refused-to-provide-decryptor-even-after-recieving-ransom-payment/?utm_source=dlvr.it&utm_medium=blogger

Cryptocurrency Scams Surge in 2023, FBI Reports Record $5.6 Billion in Losses

  Despite cryptocurrency no longer dominating the headlines like it did during the 2021 to 2022 boom, cybercriminals are still leveraging it to generate billions of dollars in fraudulent income every year. According to the FBI, 2023 was the most…

Read more →


https://www.itsecuritynews.info/cryptocurrency-scams-surge-in-2023-fbi-reports-record-5-6-billion-in-losses/?utm_source=dlvr.it&utm_medium=blogger

The Role of Governance, Risk, and Compliance in Modern Cybersecurity Programs

A Comprehensive Guide As with many other fields in technology, cybersecurity is in a constant state of evolution. One often overlooked area is the field of GRC. Governance, Risk, and Compliance (GRC) is a protective structure that aligns IT with…

Read more →


https://www.itsecuritynews.info/the-role-of-governance-risk-and-compliance-in-modern-cybersecurity-programs/?utm_source=dlvr.it&utm_medium=blogger

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild.
The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances.
"An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and before allows


https://thehackernews.com/2024/09/ivanti-warns-of-active-exploitation-of.html?utm_source=dlvr.it&utm_medium=blogger

5 Steps to Building a Robust Cyber Resilience Framework

The reality of cyber security is simple – breaches will occur – and reactivity will always be the losing strategy. Having a cyber resilience framework shifts the focus from preventing attacks to ensuring readiness, mitigating impact, and driving a swift…

Read more →


https://www.itsecuritynews.info/5-steps-to-building-a-robust-cyber-resilience-framework/?utm_source=dlvr.it&utm_medium=blogger

Ivanti Releases Security Update for Cloud Services Appliance

Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected system.  …

Read more →


https://www.itsecuritynews.info/ivanti-releases-security-update-for-cloud-services-appliance/?utm_source=dlvr.it&utm_medium=blogger

What is Brute Force Attacks?

In cybersecurity, brute force attacks are a well-known and persistent threat. Despite being one of the oldest methods hackers use, brute force attacks remain a popular and effective tactic for gaining unauthorized access to systems and data. This article delves into the intricacies of brute force attacks, exploring their types, motives, tools, and prevention strategies. […]


The post What is Brute Force Attacks? appeared first on Cyber Security News.


https://cybersecuritynews.com/what-is-brute-force-attacks/?utm_source=dlvr.it&utm_medium=blogger

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks.
The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released for CVE-2024-6670 (CVSS score: 9.8) by security researcher Sina Kheirkhah of the Summoning Team, who


https://thehackernews.com/2024/09/progress-whatsup-gold-exploited-just.html?utm_source=dlvr.it&utm_medium=blogger

How to make Infrastructure as Code secure by default

Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Security workflows for IaC First,…

Read more →


https://www.itsecuritynews.info/how-to-make-infrastructure-as-code-secure-by-default/?utm_source=dlvr.it&utm_medium=blogger

New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram

Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2024 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages.
Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels


https://thehackernews.com/2024/09/new-android-malware-ajinabanker-steals.html?utm_source=dlvr.it&utm_medium=blogger

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary user.
The issue, tracked as CVE-2024-6678, carries a CVSS score of 9.9 out of a maximum of 10.0
"An issue was discovered in GitLab CE/EE affecting all versions starting from 8.14 prior to 17.1.7, starting from 17.2 prior to


https://thehackernews.com/2024/09/urgent-gitlab-patches-critical-flaw.html?utm_source=dlvr.it&utm_medium=blogger

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns.
"Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions," Cado Security researchers Tara Gould and Nate Bill said in an analysis published today.
"However, Selenium Grid's default configuration lacks


https://thehackernews.com/2024/09/exposed-selenium-grid-servers-targeted.html?utm_source=dlvr.it&utm_medium=blogger

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users.
"The statutory inquiry concerns the question of whether Google has complied


https://thehackernews.com/2024/09/irelands-watchdog-launches-inquiry-into.html?utm_source=dlvr.it&utm_medium=blogger

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily.
The enforcement is expected to come into effect starting October 1, 2024.
"Accounts with commit access can push updates and changes to plugins and themes used by millions of WordPress sites worldwide," the


https://thehackernews.com/2024/09/wordpress-mandates-two-factor.html?utm_source=dlvr.it&utm_medium=blogger

How to Activate Complete Protection Using an All-in-One Security Platform – Free Webinar

Cynet upended the security vendor market with an All-in-One Cybersecurity Platform that combines a full suite of must-have capabilities on a single, simple solution, backed by around-the-clock expert support. This unified approach maximizes cybersecurity ROI by eliminating the need for: Those organizational advantages and bottom-line benefits are clear. But what about the day-to-day user experience for […]


The post How to Activate Complete Protection Using an All-in-One Security Platform – Free Webinar appeared first on Cyber Security News.


https://cybersecuritynews.com/protection-using-an-all-in-one-platform/?utm_source=dlvr.it&utm_medium=blogger

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN appliances by leveraging a combination of both known and unknown security flaws.
Targets include devices from TP-LINK, Zyxel, Asus, Axentra, D-Link, and NETGEAR, according to a new report by French cybersecurity company Sekoia.
"The Quad7 botnet operators appear to be


https://thehackernews.com/2024/09/quad7-botnet-expands-to-target-soho.html?utm_source=dlvr.it&utm_medium=blogger

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe

A "simplified Chinese-speaking actor" has been linked to a new campaign that has targeted multiple countries in Asia and Europe with the end goal of performing search engine optimization (SEO) rank manipulation.
The black hat SEO cluster has been codenamed DragonRank by Cisco Talos, with victimology footprint scattered across Thailand, India, Korea, Belgium, the Netherlands, and China.
"


https://thehackernews.com/2024/09/dragonrank-black-hat-seo-campaign.html?utm_source=dlvr.it&utm_medium=blogger