Cyber Security News

A critical vulnerability in GeoServer, an open-source Java-based software server, has put thousands of servers at risk. The flaw, CVE-2024-36401, allows unauthenticated users to execute remote code, posing a significant threat to global geospatial data infrastructures. A recent tweet from The Shadowserver Foundation reported that the CVE-2024-36401 vulnerable GeoServer instances.               CVE-2024-36401-Vulnerability Details According to […]

The post Hackers Actively Exploiting GeoServer RCE Flaw, 6635 Servers Vulnerable appeared first on Cyber Security News.

Cryptocurrency scams are becoming increasingly sophisticated. This article delves into the intricacies of these scams, providing insights into how they operate and offering tips on how to protect your cryptocurrency assets. The scam begins innocuously with a forwarded Telegram message about a cryptocurrency sale. The message includes a five-second video clip featuring a screenshot of […]

The post Beware of Malicious Crypto Management App that Drains Your Wallet appeared first on Cyber Security News.

On July 30, 2024, Microsoft experienced a significant global outage affecting its Azure cloud services and Microsoft 365 products. The incident, which lasted nearly 10 hours, was triggered by a Distributed Denial-of-Service (DDoS) attack and impacted users worldwide. The outage began at approximately 11:45 UTC and was resolved by 19:43 UTC. During this period, users […]

The post DDoS Attack Leads to Microsoft Azure Global Outage appeared first on Cyber Security News.

A recent discovery has unveiled vulnerabilities in multiple hosted, outbound SMTP servers, allowing authenticated users and certain trusted networks to send emails with spoofed sender information. These vulnerabilities, CVE-2024-7208 and CVE-2024-7209, exploit weaknesses in the authentication and verification mechanisms provided by Sender Policy Framework (SPF) and Domain Key Identified Mail (DKIM). Domain-based Message Authentication, Reporting, […]

The post Multiple SMTP Servers Vulnerable to Spoofing Attacks, Hackers Bypassing Authentication appeared first on Cyber Security News.

Google has rolled out a critical security update for its Chrome browser, addressing a severe flaw that could lead to browser crashes. The update, now available on the Stable channel, brings Chrome to version 127.0.6533.88/89 for Windows and Mac and 127.0.6533.88 for Linux. This update will be distributed over the coming days and weeks. The […]

The post Google Patched Critical Chrome Vulnerability Leads to Browser Crash appeared first on Cyber Security News.

A sophisticated phishing campaign with Tycoon 2FA Phish-kit has been identified, leveraging Amazon Simple Email Service (SES) and a series of high-profile redirects to steal user credentials. The attack chain, meticulously designed to evade detection, involves multiple stages and utilizes various compromised domains and services. According to the Phishing sample analysis, The phishing attack begins […]

The post Beware! Tycoon 2FA Phish-kit Exploits Amazon SES to Steal User Credentials appeared first on Cyber Security News.

Security researchers have uncovered a critical vulnerability affecting over one million websites. The vulnerability combines OAuth implementation flaws with cross-site scripting (XSS) attacks. The vulnerability stems from the interaction between OAuth, a widely used authentication protocol, and XSS, a long-standing web security issue. While XSS attacks have become less prevalent due to improved security measures, […]

The post Critical OAuth Vulnerability Exposes 1 Million Sites to XSS Attacks appeared first on Cyber Security News.

Cybersecurity firm Zscaler has revealed that the Dark Angels ransomware group received an unprecedented $75 million ransom payment from a single victim in a shocking development that underscores the escalating ransomware threat. This staggering sum nearly doubles the $40 million paid by insurance giant CNA Financial in 2021, marking a new milestone in the history […]

The post Record-breaking Ransom Payment: Dark Angels Ransomware Received $75 Million appeared first on Cyber Security News.

Indicators of Compromise (IOCs) are key forensic data points used to detect security breaches. They include file hashes, suspicious IP addresses, domain names, URLs, specific email addresses, unusual file names, registry changes, unexpected processes, and abnormal network traffic patterns. These elements help identify malicious activity and are crucial for timely detection and response to cybersecurity […]

The post How to Collect and Use IOCs From Malware Configs in TI Lookup – SOC/DFIR Teams appeared first on Cyber Security News.

On July 30, 2024, at approximately 13:13 UTC, Microsoft Azure & Microsoft 365 reported a global outage affecting a subset of its services. The issue resulted in timeouts and difficulties connecting to various Azure services worldwide. Multiple engineering teams at Microsoft were promptly engaged to diagnose and resolve the issue. The company acknowledged the problem […]

The post Microsoft Azure Globally Down – What’s Happening! appeared first on Cyber Security News.

Researchers uncovered Cuckoo Spear, a new threat actor associated with the APT10 group, demonstrating persistent stealthy operations within victim networks for two to three years.  The advanced persistent threat (APT) utilizes novel techniques and tools to conduct cyber espionage, emphasizing the critical need for robust security protocols, continuous threat monitoring, and collaborative intelligence sharing among […]

The post Cuckoo Spear Attacking Windows Users With Highly Sophisticated Malware appeared first on Cyber Security News.

The Medusa Ransomware Group experienced significant operational security (OPSEC) failure, which was primarily due to the group’s use of Rclone, a widely utilized tool for data exfiltration, to store stolen data in the cloud storage service put.io.  The key issue arose from a misconfigured Rclone configuration file, which contained access tokens and other credentials, inadvertently […]

The post Researchers Hacked into Medusa Ransomware Group’s Cloud Storage appeared first on Cyber Security News.

Cybercriminals have launched a smishing campaign targeting iPhone users in India, impersonating India Post. Malicious iMessages falsely claim a package awaits at an India Post warehouse, enticing victims to click on fraudulent links.  It leverages the widespread trust in India Post and the popularity of iPhones to deceive users into compromising their devices and potentially […]

The post iPhone Users Beware! Fake Postal Messages Stealing Your Login Credentials appeared first on Cyber Security News.

Progress Software has disclosed a new high-severity vulnerability in its MOVEit Transfer file transfer solution that could allow attackers to escalate privileges through improper authentication. The vulnerability, tracked as CVE-2024-6576 with a CVSS score of 7.3, affects the SFTP module of MOVEit Transfer. The security flaw impacts multiple versions of MOVEit Transfer, including: According to […]

The post New MOVEit File Transfer Vulnerability Let Attackers Escalate Privileges appeared first on Cyber Security News.

Maintaining continuous vigilance is essential for organizations of all sizes in the face of increasing cyber threats. However, lean IT security teams often face the challenge of providing 24/7 threat monitoring and response with limited resources. For lean IT security teams, achieving continuous threat monitoring and response requires a strategic blend of automation, outsourcing, and […]

The post Achieving 24/7 Threat Monitoring & Response for Small IT Security Teams – Free Guide appeared first on Cyber Security News.

A grand jury in Kansas City has charged North Korean national Rim Jong Hyok for orchestrating a series of cyberattacks targeting U.S. hospitals and healthcare providers. The indictment outlines a conspiracy involving ransomware attacks, extortion, and money laundering. The ill-gotten gains funded further intrusions into defense, technology, and government entities worldwide. A Relentless Pursuit of […]

The post North Korean Government Hacker Charged for Attacking U.S. Hospitals appeared first on Cyber Security News.

HealthEquity, Inc., a prominent health savings account administrator, has reported a data breach affecting approximately 4.3 million individuals. The breach, which occurred on March 9, 2024, and was discovered on June 26, 2024, has raised serious concerns about data security and privacy. Breach Details and Discovery HealthEquity, headquartered at 15 West Scenic Point Dr., Suite […]

The post HealthEquity Data Breach, 4.3 Million User Data Exposed appeared first on Cyber Security News.