Quantcast
Channel: do son, Author at Cybersecurity News
Browsing all 1430 articles
Browse latest View live

Cross Fork Object Reference (CFOR): GitHub’s New Security Vulnerability

Experts at Truffle Security have discovered that data from deleted forks, repositories, and even private repositories on GitHub may remain accessible indefinitely. This issue is not only known to the...

View Article


“ConfusedFunction” Flaw Opens Google Cloud Platform to Privilege Escalation...

Cybersecurity researchers have uncovered a privilege escalation vulnerability in the Cloud Functions service on the Google Cloud Platform. This vulnerability, dubbed ConfusedFunction, could allow an...

View Article

LummaC2 Malware Uses Gaming Platform as C2 Server

Security researchers from AhnLab Security (ASEC) recently identified a new variant of the LummaC2 malware, which utilizes the popular gaming platform Steam as a C2 server. This method significantly...

View Article

“TuDoor” Attack: New DNS Vulnerability Threatens Internet Security

Researchers have discovered a new critical vulnerability in the Domain Name System (DNS), which enables a specialized attack termed “TuDoor.” This attack can be used to poison DNS caches, initiate...

View Article

Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos

Cybercriminals have leaked internal documents stolen from Leidos Holdings Inc., one of the largest IT service providers for the U.S. government, Bloomberg reports. According to a source familiar with...

View Article


France Leads International Effort to Eradicate PlugX Trojan from 3,000 Systems

A large-scale operation to remove the PlugX trojan from infected devices has commenced in six countries. This campaign was organized by the French police with the support of Europol and the French...

View Article

Malicious Emails Bypass Secure Email Gateways, Delivering FormBook Malware

A new wave of cyberattacks has exposed a critical weakness in Secure Email Gateways (SEGs), allowing malicious emails to bypass security filters and deliver dangerous malware payloads. Cofense...

View Article

Spytech Hacked: Thousands of Devices Exposed in Spyware Maker Breach

Recently, TechCrunch‘s technical specialists uncovered a rather intriguing incident in the IT world. A small Minnesota-based company, Spytech, specializing in spyware production, fell victim to a cyber...

View Article


CVE-2024-39676: Apache Pinot Flaw Exposes Sensitive Data, Urgent Upgrade Needed

Apache Pinot, a real-time analytics open-source platform for lightning-fast insights, effortless scaling, and cost-effective data-driven decisions, has recently disclosed a serious security...

View Article


MonoSwap Hacked: Urgent Withdrawal Alert

The popular decentralized cryptocurrency exchange platform MonoSwap recently suffered a cyberattack. The platform’s administration urges users not to add liquidity or participate in farming pools until...

View Article

Financial Fallout: CrowdStrike Downtime Leaves $5.4 Billion Hole in Fortune 500

A recent report by Parametrix, a leading cloud monitoring and insurance firm, has revealed the staggering financial fallout of the July 19th CrowdStrike outage. The report estimates that Fortune 500...

View Article

Spyware Targets MEP Daniel Freund Before EU Elections

German Member of the European Parliament, Daniel Freund, revealed that he was targeted by sophisticated spyware two weeks before the European Parliament elections. Politico provided a detailed account...

View Article

From Cheating to Thievery: EvolvedAim’s Creator Exposed as Malware Distributor

The developer of EvolvedAim, a popular cheat for the game Escape From Tarkov, recently found himself at the center of a major scandal. It was discovered that, alongside his paid subscription cheat, the...

View Article


PKfail Vulnerability: A New Threat to UEFI Security Unveiled by Binarly...

In a recent and alarming discovery, cybersecurity specialists from Binarly have identified a critical flaw affecting hundreds of UEFI products from 10 prominent suppliers. The vulnerability, dubbed...

View Article

CVE-2024-40897: Vulnerability in Orc Compiler Opens Door to Code Execution...

Security researchers have disclosed a critical vulnerability (CVE-2024-40897) in the Orc compiler, a widely-used tool for compiling and executing simple data-array programs. The vulnerability, stemming...

View Article


X (Formerly Twitter) Silently Trains AI on User Data, Sparks Privacy Concerns

X, the social media platform previously known as Twitter, has sparked privacy concerns by enabling a data-sharing feature by default. This feature allows X to share user data, including posts and...

View Article

BSNL Data Breach: State Telecom Giant Exposed on Hacker Forum

On May 27, a user with the alias “kiberphant0m” on Breach Forums, a site renowned among hackers, offered for sale data allegedly hacked from Bharat Sanchar Nigam Limited (BSNL) for $5000. Bharat...

View Article


W2 Form Phishing Campaign Delivers Brute Ratel and Latrodectus Malware

Rapid7, a leading cybersecurity firm, has issued a warning about a new phishing campaign targeting individuals seeking W2 tax forms online. The campaign leverages fake IRS websites that appear in Bing...

View Article

Palo Alto Networks’ AI-Powered Tool Exposes 15 Vulnerabilities in...

Palo Alto Networks is actively developing security technologies leveraging artificial intelligence. In 2023, the company’s researchers created an automated tool for detecting BOLA (Broken Object-Level...

View Article

AI’s Dark Side: Hackers Harnessing ChatGPT and LLMs for Malicious Attacks

In a concerning trend, cybercriminals are increasingly leveraging Large Language Models (LLMs) like ChatGPT to craft sophisticated and deceptive attacks, according to a recent report from Symantec....

View Article
Browsing all 1430 articles
Browse latest View live