Cyber Security News

The communication between DNS recursive resolvers and authoritative nameservers is largely unsecured, making it susceptible to on-path and off-path attacks. Though many security proposals have been put forward, they often face implementation challenges or lack adequate security features. This persistent vulnerability reveals the need for a new, widely deployable secure scheme that will overcome the […]

The post DNSSEC+ – Secure Model That Addresses Security And Downsides Of DNSSEC appeared first on Cyber Security News.

Cybersecurity researcher Jeremiah Fowler discovered and reported to VpnMentor about 13 non-password-protected databases containing 4.6 million documents, including sensitive voter records and election-related documents. This breach raises significant concerns about data protection and the security of election systems in the United States. Discovery of the Breach Jeremiah Fowler’s investigation began when he stumbled upon a […]

The post 4.6 Million Voter Database & Election Documents Exposed Online appeared first on Cyber Security News.

Ransomware operators often acquire malware through purchases on the dark web, group affiliations, and leaked source codes rather than developing themselves. They target victims by using common tools and modified samples to propagate attacks. Recent reports by the security analysts at Kaspersky Lab suggest that new emerging groups like SEXi utilize different leaked ransomware variants, […]

The post Threat Actor Groups Using Leaked Ransomware Variants To Launch Attacks appeared first on Cyber Security News.

Multiple digital Video Recorder (DVR) devices have been identified with a critical security vulnerability, leaving over 408,000 units exposed to potential cyber-attacks. The flaw, primarily affecting models such as TVT DVR TD-2104TS-CL, TD-2108TS-HP, Provision-ISR DVR SH-4050A5-5L(MM), and AVISION DVR AV108T, allows unauthorized access to sensitive device information due to insufficient access controls on the devices’ web servers. […]

The post Critical Vulnerability in Digital Video Recorders Exposes 400,000 Devices to Hackers appeared first on Cyber Security News.

A critical security flaw in Windows’ wallpaper handling mechanism has been uncovered. It allows attackers to gain system-level privileges on affected machines. Security researcher Andrea Pierini disclosed the vulnerability, which is tracked as CVE-2024-38100 and dubbed “FakePotato.” The FakePotato exploit takes advantage of a flaw in how Windows processes wallpaper files. By manipulating certain properties […]

The post Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems appeared first on Cyber Security News.

Security researchers have discovered a new way that hackers can steal sensitive information, like passwords. This involves eavesdropping on HDMI cables, a concerning development for computer users. The technique, detailed in a recent study by researchers at Universidad de la República in Uruguay, uses artificial intelligence to decode electromagnetic emissions from HDMI connections and reconstruct […]

The post Hackers Can Use HDMI Cables to Capture Your Passwords appeared first on Cyber Security News.

Stay up to date with cybersecurity news! Our Weekly Cybersecurity Newsletter provides a curated summary of the most important updates, trends, and insights from the cybersecurity world. Whether you’re an IT professional, a business executive, or just someone interested in protecting your online life, our newsletter is designed to keep you informed. Our cybersecurity team […]

The post Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More appeared first on Cyber Security News.

TgRat, a Telegram-controlled trojan, was discovered attacking Linux servers in an attempt to steal data from a compromised system. In 2022, the TgRat trojan was first identified. Although the original version of the trojan was small and designed for Windows, the latest version uses the widely used messaging app Telegram to target Linux servers. “The […]

The post Telegram-Controlled TgRat Attacking Linux Servers to Exfiltrate Data appeared first on Cyber Security News.

Threat actors have been exploiting the attack vector known as Sitting Ducks since at least 2019 to conduct malware delivery, phishing, brand impersonation, and data exfiltration by exploiting flaws in DNS. This widespread flaw, affecting multiple DNS providers, enables domain hijacking without detection. Besides this, the researchers from Infoblox and Eclypsium have unveiled this critical […]

The post Sitting Ducks DNS Attack Hijack 35,000 Domains appeared first on Cyber Security News.

Researchers from ANY RUN identified a malware distribution campaign dubbed DeerStealer that leverages deceptive websites masquerading as legitimate Google Authenticator download pages.  The initial discovered website, “authentificcatorgoolglte[.]com,” closely resembles the authentic Google page “safety.google/intl/en_my/cybersecurity-advancements,” presumably to trick users into believing it’s a genuine source for the application.  Clicking the “Download” button on this fake website […]

The post Beware! Fake Google Authenticator Sites Spreading DeerStealer Malware appeared first on Cyber Security News.

Threat actors exploit AI to make their attacks more effective through automation, scanning large data sets for security gaps and creating intricate phishing scams that are harder to spot. In addition, threat actors can employ AI to produce legit-looking fake content and evade security measures. Cybersecurity researchers at Cyble recently identified that threat actors have […]

The post Threat Actors Exploiting ChatGPT’s Sora AI Excitement To Deliver Malware appeared first on Cyber Security News.

Threat actors masquerade as interviewers and send a ZIP file (onlinestoreforhirog.zip) to candidates as part of a fake interview, which contains legitimate files and a malicious JavaScript file (printfulRoute.js) that is obfuscated to evade detection.  The obfuscated code uses techniques like base64 encoding, dynamic function names, and string concatenation to hide its functionality. After deobfuscation, […]

The post DEV#POPPER Attacking developers via New Social Engineering Tactics appeared first on Cyber Security News.

Fresnillo PLC, the world’s largest primary silver producer, and Mexico’s largest gold producer has announced that it has been the target of a significant cybersecurity incident. The breach resulted in unauthorized access to specific IT systems and data. Upon discovering the incident, Fresnillo immediately activated its response protocols to mitigate the impact. The company’s IT […]

The post Leading Silver Producer Fresnillo PLC Suffer Cyberattack appeared first on Cyber Security News.

A sophisticated phishing campaign targets Microsoft OneDrive users, employing social engineering to trick victims into executing malicious PowerShell scripts.  The attack leverages a false sense of urgency by claiming a DNS issue prevents file access, enticing users to click a button that triggers PowerShell script execution and compromising affected systems.  An Email-Borne Phishing Attack Leverages […]

The post Tricky OneDrive Phishing Campaign Tricks Users To Execute PowerShell Script appeared first on Cyber Security News.

A Russian threat actor known as Fighting Ursa (also referred to as APT28, Fancy Bear, and Sofacy) has been identified in a new campaign that began in March 2024. This campaign uses a fake car sale advertisement to distribute the HeadLace backdoor malware, primarily targeting diplomats. The campaign leverages legitimate services such as Webhook.site to […]

The post Audi Q7 Car For Sale – But Malware Will be Delivered Instead of Car appeared first on Cyber Security News.

In mid-2022, Mandiant’s Managed Defense first uncovered UNC4393, the primary user of BASTA ransomware. This financially motivated threat cluster has attacked over 40 business entities and 20 industry verticals. Recently, it focused on healthcare firms. QAKBOT botnet infections are generally exploited by UNC4393 to gain initial access, with distribution being mainly done through phishing emails […]

The post UNC4393 Actors Behind BASTA Ransomware Exploited via Partnerships appeared first on Cyber Security News.

Security researchers have discovered a severe vulnerability in the Linux kernel that could allow attackers to gain full control over affected systems. Dubbed “SLUBStick,” the exploit technique uses memory allocation flaws to achieve arbitrary read and write access to kernel memory. The vulnerability, detailed in a paper by Graz University of Technology researchers, affects recent […]

The post SLUBStick Linux Vulnerability Let Attackers Gain Full System Control appeared first on Cyber Security News.

Cybercriminals increasingly leverage the TryCloudflare Tunnel to deliver Remote Access Trojans (RATs) in financially motivated attacks. TryCloudflare is a tool for developers to experiment with Cloudflare Tunnel without adding a site to Cloudflare’s DNS. Threat actors continually refine tactics to evade detection and enhance campaign efficacy, complicating attribution and necessitating ongoing analysis.  They exploit Cloudflare […]

The post Hackers Abuse TryCloudflare Service To Bypass Detection And Deliver Malware appeared first on Cyber Security News.

Phishing campaigns intensified in May 2024, with Poland bearing the brunt of attacks, accounting for 80% of over 26,000 protected users, as Italy and Romania also experienced significant targeting.  Threat actors launched nine distinct phishing campaigns during the month, primarily focusing on Poland with seven dedicated attacks.  Recent cyberattacks have transitioned from using AceCryptor to […]

The post New Widespread Phishing Campaign Attacking Users With Multiple Malware appeared first on Cyber Security News.

Microsoft has released a critical security update for its Edge browser to address multiple vulnerabilities, including a severe validation flaw that could allow attackers to execute arbitrary code on affected systems. The update, released on August 1, 2024, patches three significant vulnerabilities in Microsoft Edge versions prior to 127.0.2651.86: The most severe of these, CVE-2024-7256, […]

The post Microsoft Edge Vulnerability Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.