Cyber Security News

A popular open-source firewall software pfSense vulnerability has been identified, allowing for remote code execution (RCE) attacks. The vulnerability, tracked as CVE-2022-31814, highlights potential risks in pfSense installations, particularly those using the pfBlockerNG package. pfSense is a widely used, FreeBSD-based firewall and router software that offers enterprise-grade features and security. It is renowned for its […]

The post Open Source Firewall pfsense Vulnerable to Remote Code Execution Attacks appeared first on Cyber Security News.

In November 2023, hackers from Iran hacked the Municipal Water Authority of Aliquippa, Pennsylvania. They targeted a vulnerable control system and damaged it with anti-Israel statements. Two months later, in January 2024, Russians attacked Muleshoe and Abernathy water facilities, causing minor disruptions such as the overflowing of water storage tanks. These are incidents that reveal […]

The post Thousands Of Internet-Connected ICS Devices Exposes Critical Infrastructure To Cyber Attacks appeared first on Cyber Security News.

The giant global electricity network intercrosses the fast-growing solar power infrastructure and ubiquitous Internet of Things, making a complex point of energy and data. This intersection relies on vulnerable inverters and controllers—key elements that may be vulnerable spots as per recent studies.  Cybersecurity analysts at BitDefender recently discovered that a series of Solar Power system […]

The post Series Of Solar Power System Vulnerabilities Impacts Millions Of Installations appeared first on Cyber Security News.

Clearlake is a cyber threat operation that distributes fake antivirus software to make users perceive their system as infected. Sometimes, malicious software can be designed to ask for payment to remove it, or it installs more malware that steals sensitive data or causes further damage to the victim’s system. Cybersecurity analysts at Avast Threat Labs […]

The post Threat Actors Hijacking Websites To Deliver .NET-Based Malware appeared first on Cyber Security News.

Roundcube, a widely adopted open-source webmail application, is included by default in the popular cPanel web hosting control panel, leading to millions of installations worldwide.  The software is commonly used by universities and government agencies, making the email accounts of public sector employees a valuable target for Advanced Persistent Threat (APT) groups engaged in espionage.  […]

The post Critical XSS Vulnerability In Roundcube Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Attackers obtain system configuration files by taking advantage of software or protocols that are installed on devices, such as by abusing the legacy Cisco Smart Install feature. Additionally, CISA notes that weak password types are still being used on Cisco network devices. Password cracking attacks are made possible by the use of weak password types.  […]

The post CISA Warns of Hackers Exploiting Cisco Smart Install Feature appeared first on Cyber Security News.

ADT Inc., a prominent security and automation solutions provider, reported that unauthorized actors accessed specific databases containing customer order information. The company swiftly addressed the breach, which raised concerns about data security and customer privacy. Unauthorized Access and Immediate Response ADT became aware of the breach when unauthorized actors illegally accessed customer order information databases. […]

The post ADT Data Breach: Customers Personal Information Exposed appeared first on Cyber Security News.

At the recent Black Hat USA conference, security researcher Michael Bargury unveiled alarming vulnerabilities within Microsoft Copilot, demonstrating how hackers can potentially exploit this AI-powered tool for malicious purposes. This revelation underscores the urgent need for organizations to reassess their security measures when using AI technologies like Microsoft Copilot. Bargury’s presentation highlighted several methods through […]

The post Researchers Demonstrate How Hackers Can Exploit Microsoft Copilot appeared first on Cyber Security News.

Cisco has announced the integration of its Talos threat intelligence across multiple Splunk security products, marking a significant milestone in the company’s efforts to combine capabilities following its acquisition of Splunk earlier this year. Cisco Talos threat intelligence integration is now available for Splunk Attack Analyzer, with upcoming integrations planned for Splunk Enterprise Security and […]

The post Cisco Integrated Talos Threat Intelligence for All Splunk Users appeared first on Cyber Security News.

A critical vulnerability, identified as CVE-2024-7553, has been discovered in MongoDB. It could potentially allow attackers to take complete control of Windows systems. This vulnerability arises from incorrect validation of files loaded from a local untrusted directory, which can lead to local privilege escalation on Windows operating systems. The flaw affects several versions of MongoDB […]

The post MongoDB Vulnerability Allows Attackers to Gain Complete Control of Windows Systems appeared first on Cyber Security News.

Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group. This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data, demanding ransom payments for decryption and data protection. Double extortion ransomware is a particularly dangerous type of cyberattack in which attackers […]

The post New Double-Extortion Ransomware Attacking Linux Machines appeared first on Cyber Security News.

A recent research presentation at Black Hat USA 2024 revealed architectural vulnerabilities within the Apache HTTP Server, a widely used web server software. The research highlights several technical debts within Httpd, including three types of Confusion Attacks, nine new vulnerabilities, 20 exploitation techniques, and over 30 case studies. Apache HTTP Server operates through a modular […]

The post Confusion Attacks in Apache HTTP Server Let Attackers Gain Root Access Remotely appeared first on Cyber Security News.

PoC exploit released for critical 0-click remote code execution (RCE) vulnerability affecting Windows Server. This flaw impacts Windows Server versions from 2000 to the latest 2025 preview. This vulnerability, identified as CVE-2024-38077, resides in the Windows Remote Desktop Licensing Service and poses a significant threat due to its ability to be exploited without any user […]

The post PoC Released for 0-click RCE Flaw Impacting Windows Server – MadLicense appeared first on Cyber Security News.

Malware analysis can be challenging, as it often requires in-depth theoretical knowledge and advanced skills. Tools like an interactive sandbox help simplify it, making sophisticated malware behavior easy to expose and understand even for junior security professionals. Here are some of the challenges that interactive malware sandboxes help analysts solve.  What is an Interactive Sandbox […]

The post 5 Malware Analysis Challenges Solved by an Interactive Sandbox appeared first on Cyber Security News.

Researchers from JPCERT uncovered a new technique known as “Smali Gadget Injection,” which is set to revolutionize the dynamic analysis of Android malware. This method offers a more flexible approach compared to existing tools like Frida, which, while useful, provide limited insights due to their general-purpose nature. Traditionally, analyzing Android malware dynamically has posed significant […]

The post Analyse Android Malware Using Innovative Smali Gadget Injection Technique appeared first on Cyber Security News.

Cybersecurity Researchers have unveiled the complicated evolution of the cybercriminal underworld. This transformation, spanning decades, has seen hackers evolve from isolated individuals seeking notoriety to organized syndicates driven by profit. The findings provide crucial insights into the operational dynamics of modern cybercriminal organizations, offering valuable knowledge for cybersecurity professionals striving to protect against these threats. […]

The post Researchers Detailed the Evolution of Cybercriminal Underworld appeared first on Cyber Security News.

In a recent study, researchers from the Université de Montréal and Flare Systems have demonstrated that large language models (LLMs) can accurately extract critical cyber threat intelligence (CTI) from cybercrime forums with an impressive 98% accuracy. The findings, published in a white paper, highlight the immense potential of AI in bolstering cybersecurity efforts. The research […]

The post AI Model Achieve 98% Accuracy in Collecting Threat Intelligence From Dark Web Forums appeared first on Cyber Security News.

A newly identified hacker group, designated as STAC6451, has been actively targeting Microsoft SQL (MSSQL) servers to compromise organizations, primarily in India. This group leverages exposed MSSQL servers to deploy ransomware and other malicious activities, posing a significant threat to various sectors. STAC6451 exploits MSSQL servers exposed to the public internet through the default TCP/IP […]

The post STAC6451 Hackers Attacking Microsoft SQL Servers to Compromise Organizations appeared first on Cyber Security News.

Cybersecurity experts have uncovered a new worm named CMoon targeting users through compromised websites. This sophisticated malware can steal confidential and payment data, download additional malware, and launch Distributed Denial-of-Service (DDoS) attacks. The worm was initially detected in July 2024, and its distribution method and functionality have raised significant concerns among cybersecurity professionals. Detection and […]

The post New Cmoon Worm Attacking Users Via Compromised Websites appeared first on Cyber Security News.

The Tor Project has announced the release of Tor Browser 13.5.2, which includes significant security updates and improvements, mainly focusing on integrating the latest Firefox security patches. Tor Browser anonymizes web traffic using the Tor network, making it easy to protect your identity online. The Tor Browser, updated to version 11.4.31, enhances script-blocking capabilities and […]

The post Tor Browser 13.5.2 Released: What’s New! appeared first on Cyber Security News.