Cyber Security News

Samsung has significantly increased its bug bounty program as part of its ongoing efforts to enhance mobile security. The tech giant is now offering rewards of up to $1 million for researchers who can demonstrate critical vulnerabilities in its mobile devices, particularly those related to arbitrary code execution on highly privileged targets. This new initiative, […]

The post Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities appeared first on Cyber Security News.

The Western Digital Discovery app, a well-known provider of storage devices, has a vulnerability identified as CVE 2024-22169 with a CVSS base score of 7.1 that allows for code execution. The security vulnerability arises due to the Node.js environment settings in the WD Discovery App. Utilizing the ELECTRON_RUN_AS_NODE environment variable might allow code execution.   In […]

The post Western Digital’s WD Discovery App Flaw Allows Code Execution appeared first on Cyber Security News.

A new ransomware, dubbed CryptoKat, has emerged on the dark web, stirring significant concern within the cybersecurity community. The ransomware was first reported by the cybersecurity analyst MonThreat on their social media platform X, highlighting its advanced features and potential threat level. How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free […]

The post New Cryptokat Ransomware Released Allegedly Claiming Fast Encryption appeared first on Cyber Security News.

Hunters International has deployed a novel C# malware dubbed SharpRhino as an initial infection vector and persistent Remote Access Trojan (RAT).  Delivered through a typosquatting domain that looks like an Angry IP Scanner, SharpRhino uses techniques that have never been seen before to increase privileges, let the group move laterally without any problems, and then […]

The post Network Admins Beware! SharpRhino Ransomware Attacking Mimic As Angry IP Scanner appeared first on Cyber Security News.

Scalable package scanning within PyPi and npm using GuardDog software identified two malicious packages linked to a DPRK-aligned threat actor cluster dubbed “Stressed Pungsan.”  The cluster strongly aligns with Microsoft’s MOONSTONE SLEET, indicating a sophisticated supply chain attack vector. The packages are initial access points for malware distribution, enabling data exfiltration, credential theft, and lateral […]

The post North Korean Hackers Attacking Windows Users With Weaponized npm Files appeared first on Cyber Security News.

Hackers often target Window Smart App Control and SmartScreen security flaws to launch malicious code and applications for their illicit purposes. Threat actors aiming to undermine Windows security features can use these vulnerabilities to seize illicit access, steal sensitive data, and compromise system integrity. Cybersecurity researchers at Elastic Security Labs discovered Windows Smart App Control […]

The post Windows Smart App Control & SmartScreen Flaw Let Hackers Hijack Systems appeared first on Cyber Security News.

The Android Security Bulletin for August 2024 details vulnerabilities addressed by the 2024-08-05 security patch level.  The most critical issue is a high-severity vulnerability in the Framework component, which could potentially allow local privilege escalation without additional execution privileges.  Android partners were notified a month before, and source code patches will be released to the […]

The post Google Patches Actively Exploited Android Kernel Zero-Day Patched appeared first on Cyber Security News.

Researchers have introduced a novel threat detection model designed specifically for serverless cloud environments. This innovative approach leverages cloud providers’ native monitoring tools to detect anomalous behavior in serverless applications, providing a robust and efficient solution for identifying compromised serverless functions. Serverless computing has emerged as a popular cloud computing paradigm. It enables organizations to […]

The post New Threat Detection Model Detects Threats in Serverless Cloud With 0.003 False Rate appeared first on Cyber Security News.

A new ransomware variant named Doubleface has been announced by its creators. The ransomware, which boasts a range of sophisticated features, claims to be fully undetectable by major antivirus software. According to a Dark Web Informer tweet, Threat actors announced Doubleface Ransomware that claims fully undetectable. How to Build a Security Framework With Limited Resources […]

The post Threat Actors Announced Doubleface Ransomware, Claims Fully Undetectable appeared first on Cyber Security News.

A critical vulnerability identified as CVE-2024-6915 has been discovered in JFrog Artifactory, a widely used repository manager. This flaw, categorized under CWE-20 (Improper Input Validation), allows attackers to poison artifact caches, potentially leading to severe security breaches. CVE-2024-6915: Cache Poisoning The vulnerability has been marked as ‘Critical’ and was published and updated on August 5, […]

The post Jfrog Artifactory Flaw Let Attackers Poison Artifact Caches appeared first on Cyber Security News.

LLM agents, combining large language models with memory and tool usage, have shown promise in diverse domains. While successful in fields like software engineering and industrial automation, their potential in generative AI safety remains largely unexplored.  Given the rapid advancement and widespread adoption of text-to-image models, identifying safety vulnerabilities in these models poses significant challenges […]

The post Researchers Jailbreaked Text-To-Image LLM Models Using Atlas Agent appeared first on Cyber Security News.

A critical zero-day vulnerability in Apache OFBiz, an open-source enterprise resource planning (ERP) system, has been discovered that could allow unauthenticated attackers to execute arbitrary code remotely. The flaw, tracked as CVE-2024-38856 with a CVSS score of 9.8, affects all versions of Apache OFBiz up to and including 18.12.14. The vulnerability was uncovered by researchers […]

The post Apache OFBiz Zero-Day Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.

Cybersecurity experts have uncovered a series of attacks targeting organizations in Kazakhstan by a threat actor dubbed “Bloody Wolf.” The group utilizes STRRAT, an inexpensive but potent malware available on underground forums for as little as $80. Since late 2023, researchers at BI.ZONE Threat Intelligence has been tracking Bloody Wolf’s activities. The attackers employ sophisticated […]

The post Bloody Wolf Attacking Organizations With $80 Malware From Underground Market appeared first on Cyber Security News.

Cisco Talos has unearthed a sophisticated cyber-espionage campaign targeting a Taiwanese government-affiliated research institute. The attack, attributed to the notorious Chinese hacking group APT41, involved the deployment of the ShadowPad malware and Cobalt Strike, among other customized tools. This article delves into the specifics of the attack, the methodologies employed by the hackers, and the […]

The post APT41 Hackers Attacking Research Institute with ShadowPad and Cobalt Strike appeared first on Cyber Security News.

A critical security vulnerability in Rockwell Automation’s ControlLogix and GuardLogix controllers has been discovered. This vulnerability could potentially allow attackers to bypass security measures and gain unauthorized access to industrial control systems. Researchers at Claroty’s Team82 uncovered the flaw, which is identified as CVE-2024-6242. It affected various models of Rockwell’s 1756 ControlLogix devices. The vulnerability, […]

The post Rockwell Automation Devices Flaw Let Hackers Gain Unauthorized Access appeared first on Cyber Security News.

The communication between DNS recursive resolvers and authoritative nameservers is largely unsecured, making it susceptible to on-path and off-path attacks. Though many security proposals have been put forward, they often face implementation challenges or lack adequate security features. This persistent vulnerability reveals the need for a new, widely deployable secure scheme that will overcome the […]

The post DNSSEC+ – Secure Model That Addresses Security And Downsides Of DNSSEC appeared first on Cyber Security News.

Cybersecurity researcher Jeremiah Fowler discovered and reported to VpnMentor about 13 non-password-protected databases containing 4.6 million documents, including sensitive voter records and election-related documents. This breach raises significant concerns about data protection and the security of election systems in the United States. Discovery of the Breach Jeremiah Fowler’s investigation began when he stumbled upon a […]

The post 4.6 Million Voter Database & Election Documents Exposed Online appeared first on Cyber Security News.

Ransomware operators often acquire malware through purchases on the dark web, group affiliations, and leaked source codes rather than developing themselves. They target victims by using common tools and modified samples to propagate attacks. Recent reports by the security analysts at Kaspersky Lab suggest that new emerging groups like SEXi utilize different leaked ransomware variants, […]

The post Threat Actor Groups Using Leaked Ransomware Variants To Launch Attacks appeared first on Cyber Security News.

Multiple digital Video Recorder (DVR) devices have been identified with a critical security vulnerability, leaving over 408,000 units exposed to potential cyber-attacks. The flaw, primarily affecting models such as TVT DVR TD-2104TS-CL, TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM), and AVISION DVR AV108T, allows unauthorized access to sensitive device information due to insufficient access controls on the devices’ web servers. […]

The post Critical Vulnerability in Digital Video Recorders Exposes 400,000 Devices to Hackers appeared first on Cyber Security News.

A critical security flaw in Windows’ wallpaper handling mechanism has been uncovered. It allows attackers to gain system-level privileges on affected machines. Security researcher Andrea Pierini disclosed the vulnerability, which is tracked as CVE-2024-38100 and dubbed “FakePotato.” The FakePotato exploit takes advantage of a flaw in how Windows processes wallpaper files. By manipulating certain properties […]

The post Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems appeared first on Cyber Security News.