Cyber Security News

Security researchers have uncovered vulnerabilities in Microsoft’s Entra ID (formerly Azure Active Directory) dubbed “UnOAuthorized,” which could allow unauthorized actions beyond expected controls. The findings, centered on the OAuth 2.0 scope permissions, could have enabled attackers to elevate privileges and persist within Microsoft environments. The most alarming discovery involved the ability to add and remove […]

The post Microsoft Entra ID (Azure AD) Vulnerability Let Attackers Gain Global Admin Access appeared first on Cyber Security News.

Akamai Technologies effectively countered one of the most extensive and advanced distributed denial-of-service (DDoS) attacks it has faced to date. The attack, targeting a major financial services company in Israel, lasted for nearly 24 hours and resulted in Akamai blocking approximately 419 terabytes of malicious traffic. The DDoS campaign began at 8:05 UTC on July […]

The post Massive DDoS Attack: Record-breaking 419 TB of Malicious Traffic Within 24 Hours appeared first on Cyber Security News.

Researchers at Oligo Security have discovered an 18-year-old critical vulnerability, dubbed “0.0.0.0 Day,” that affects all major web browsers, including Chromium, Firefox, and Safari. This vulnerability allows malicious websites to bypass browser security and interact with services running on an organization’s local network, potentially leading to unauthorized access and remote code execution on local services […]

The post 0.0.0.0 Day – 18 Yr Old Vulnerability Let Attackers Bypass All Browser Security appeared first on Cyber Security News.

Cisco has disclosed multiple critical vulnerabilities affecting its Small Business SPA300 and SPA500 Series IP Phones, potentially allowing attackers to execute arbitrary commands with root privileges or cause denial of service conditions. The flaws, which have been assigned CVE identifiers CVE-2024-20450, CVE-2024-20451, CVE-2024-20452, CVE-2024-20453, and CVE-2024-20454, exist in the web-based management interface of these devices. […]

The post Cisco Small Business IP Phones Vulnerabilities: Attackers Can Execute Arbitrary Commands appeared first on Cyber Security News.

A pair of security vulnerabilities have been discovered in Jenkins, a popular open-source automation server, that could allow attackers to read arbitrary files from the Jenkins controller file system and potentially lead to remote code execution (RCE). Jenkins is a popular open-source automation server that automates the software development lifecycle, including building, testing, and deploying […]

The post Vulnerabilities in Jenkins Let Hackers Execute Arbitrary Code Remotely appeared first on Cyber Security News.

A group of cybersecurity researchers at CISPA Helmholtz Center for Information Security recently identified three major security vulnerabilities in five commercial RISC-V CPUs, including GhostWrite, which allows an attacker to write arbitrary data from unprivileged states into any physical memory location. GhostWrite is an unprivileged instruction sequence that allows attackers to write to chosen physical […]

The post GhostWrite Vulnerability Let Hackers Read & Write Any Part of The Computer’s Memory appeared first on Cyber Security News.

Every software and operating system vendor has been implementing security measures to protect their products. This is because threat actors require a lot of time to find a zero-day but less time to find a readily available exploit for vulnerable software. This led them to the thought that they should Downgrade the latest versions to […]

The post Windows Zero-day Flaw Let Hackers Downgrade Fully Updated Systems to Old Vulnerabilities appeared first on Cyber Security News.

In one of the largest data breaches in history, the personal information of nearly 3 billion individuals has been stolen from National Public Data, a background check and fraud prevention service provider. The breach, which came to light through a class action lawsuit filed in Florida, has sent shockwaves through the cybersecurity community and raised […]

The post National Public Data Hacked: 2.9 Billion Users Personal Data Stolen appeared first on Cyber Security News.

Attackers, including nation-state actors, increasingly leverage legitimate cloud services for espionage operations, exploiting their low-profile and cost-effective nature.  The services, such as Microsoft OneDrive and Google Drive, evade detection by masquerading as trusted entities, thereby enabling covert data exfiltration and tool development.  Researchers discovered a novel Go-based backdoor, GoGra, deployed against a South Asian media […]

The post Hackers Leveraging OneDrive & Google Drive To Hide Malicious Traffic appeared first on Cyber Security News.

A critical vulnerability, designated as CVE-2024-42219, has been identified in 1Password 8 for Mac. This flaw allows malicious actors to exfiltrate vault items by bypassing the app’s platform security protections. Robinhood’s Red Team responsibly disclosed the issue following an independent security assessment of 1Password for Mac. CVE-2024-42219 – The Vulnerability The vulnerability affects the inter-process […]

The post 1Password Vulnerability Let Attackers Exfiltrate Vault Items appeared first on Cyber Security News.

A newly surfaced cybercampaign targeting Israeli users has thrust the sophisticated RHADAMANTHYS information stealer into the spotlight. Originating from Russian-speaking cybercriminals and offered as a Malware-as-a-Service, RHADAMANTHYS excels at data exfiltration.  Recent samples and in-depth analysis reveal a complex infection chain and extensive payload capabilities, highlighting the evolving threat landscape and underscoring the need for […]

The post RHADAMANTHYS Stealer Weaponizing RAR Archive To Steal Login Credentials appeared first on Cyber Security News.

The Apache CloudStack project has announced the release of long-term support (LTS) security updates, versions 4.18.2.3 and 4.19.1.1, which address two critical vulnerabilities, CVE-2024-42062 and CVE-2024-42222. These vulnerabilities pose significant risks to the integrity, confidentiality, and availability of CloudStack-managed infrastructure. CVE-2024-42062: User Key Exposure to Domain Admins CVE-2024-42062 is a critical vulnerability that affects Apache […]

The post Apache Cloudstack Vulnerability Exposes API & Secret Keys to Admin Accounts appeared first on Cyber Security News.

Mozilla has released Firefox 129, addressing multiple high-severity vulnerabilities. These patches are critical for enhancing the browser’s security and protecting users from potential exploits. Detailed Vulnerability Table The latest Firefox update patches several critical vulnerabilities, each significantly impacting user security. Below is a summary of the most notable issues: How to Build a Security Framework […]

The post Firefox Patches Multiple High Severity Vulnerabilities appeared first on Cyber Security News.

Phishing is the most effective method for an attacker to infiltrate an organization. Several attack methods and techniques are available for an attacker to send a phishing email. On the other hand, email clients such as Outlook or Gmail also have security measures to warn users whenever they receive an unknown email. One such security […]

The post Microsoft 365 Anti-phishing Feature Bypassed Using CSS Style Tags appeared first on Cyber Security News.

Kibana, a popular open-source data visualization and exploration tool, has identified a critical security flaw that could allow attackers to execute arbitrary code. This vulnerability, tracked as CVE-2024-37287, has a CVSSv3 severity rating of 9.9, indicating its critical nature. CVE-2024-37287 – Vulnerability Details The flaw arises from a prototype pollution vulnerability that can be exploited […]

The post Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Google has released a critical security update for its Chrome browser, addressing multiple high-severity vulnerabilities that could allow attackers to execute malicious code on users’ systems. The update, version 127.0.6533.99/.100 for Windows and Mac, and 127.0.6533.99 for Linux, was announced on August 6, 2024, and is currently being rolled out to users worldwide. The most […]

The post Multiple Chrome Vulnerabilities Let Attackers Execute Malicious Code appeared first on Cyber Security News.

Cybersecurity giant CrowdStrike has released a comprehensive technical root cause analysis detailing the events that led to a problematic Falcon sensor update on July 19, 2024. The incident caused system crashes for some Windows users and prompted a swift response from the company. The investigation shows that the problem came from a complicated interaction of […]

The post CrowdStrike Publishes Technical Root Cause Analysis of Faulty Falcon Update appeared first on Cyber Security News.

Researchers from LevelBlue Labs have uncovered a new tactic threat actors employ to hijack legitimate anti-virus software for malicious purposes. This sophisticated attack leverages a tool named SbaProxy, which masquerades as a legitimate anti-virus component to establish proxy connections through a command and control (C&C) server. SbaProxy is a new tool in the threat actor’s evolving toolkit, […]

The post Hackers Hijack Anti-Virus Software Using SbaProxy Hacking Tool appeared first on Cyber Security News.

Samsung has significantly increased its bug bounty program as part of its ongoing efforts to enhance mobile security. The tech giant is now offering rewards of up to $1 million for researchers who can demonstrate critical vulnerabilities in its mobile devices, particularly those related to arbitrary code execution on highly privileged targets. This new initiative, […]

The post Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities appeared first on Cyber Security News.

The Western Digital Discovery app, a well-known provider of storage devices, has a vulnerability identified as CVE 2024-22169 with a CVSS base score of 7.1 that allows for code execution. The security vulnerability arises due to the Node.js environment settings in the WD Discovery App. Utilizing the ELECTRON_RUN_AS_NODE environment variable might allow code execution.   In […]

The post Western Digital’s WD Discovery App Flaw Allows Code Execution appeared first on Cyber Security News.