Cyber News - Page 11

Home > Cyber News

This category contains informative articles and news.
Cyber News about data breaches, online privacy and security, computer security threats, cybersecurity reports, vulnerability reports. News about the latest malware attacks.
Hot news about the security of Microsoft (Patch Tuesdays), Google, Android, Apple, Linux, and other big companies and software vendors.

CYBER NEWS
fake ransomware pushed on adult websites

Adult Websites Push a Fake Ransomware in Disguise

Security researchers detected a number of malicious adult websites that push a fake ransomware, which in reality is a data wiper. Adult Websites Pushing a Fake Ransomware Instead of encrypting the victim’s data, the ransomware acts as a wiper, attempting…

CYBER NEWS
LilithBot Malware New Addition to the Eternity Project Threat Actor - sensorstechforum

LilithBot Malware: New Addition to the Eternity Project Threat Actor

Security researchers have detailed a new, multi-functional malware. Called LilithBot, the malware is associated with the Eternity Project threat group which has been active since at least January 2022. Another Addition to the Eternity Project’s Malware Arsenal The Eternity threat…

CYBER NEWS
ProxyNotShell Zero-Day Mitigations Can Be Bypassed [CVE-2022-41040]

ProxyNotShell Zero-Day Mitigations Can Be Bypassed [CVE-2022-41040]

Two new zero-day vulnerabilities in Microsoft Exchange were recently reported by Microsoft and GTSC researchers. The two vulnerabilities, identified as CVE-2022-41040 and CVE-2022-41082, are known collectively as the ProxyNotShell exploit. CVE-2022-41040 is a server-side request forgery issue which can be…

CYBER NEWS
pos-malware-credit-card-sensorstechforum

Prilex PoS Malware Is More Evolved and Dangerous than Ever

The Prilex malware is back once again in three new versions. The malware has slowly been evolving from ATM-focused towards modular point-of-sale (PoS) malware. The Brazilian threat actor behind it has carried out “one of the largest attacks on ATMs…

CYBER NEWS
NullMixer Dropper Leads to an Infection Chain of Numerous Malware Families

NullMixer Dropper Leads to an Infection Chain of Numerous Malware Families

We’re in the season of aggressive malware campaigns, evident by the increased number of attacks detected and analyzed by security researchers. One specific type of malware is especially important to carrying out successful distribution campaigns – the dropper. NullMixer is…

CYBER NEWS
Emotet Malware Activity 2022 - sensorstechforum

Emotet Malware Activity 2022: 1,267,598 Infections Detected Worldwide

The Emotet malware is once again making the titles. According to a new AdvIntel report, so far in 2022, a total of 1,267,598 Emotet infections have been detected worldwide, with significant peaks between February and March, and June and July.…

CYBER NEWS
CVE-2022-32917-apple-zero-day-sensorstechforum

CVE-2022-32917: Actively Exploited Zero-Day in macOS and iOS

This week Apple released an emergency update to address a new zero-day vulnerability that affects macOS and iOS. CVE-2022-32917 Zero-Day: Overview Reports indicate that the zero-day has already been exploited in the wild. Tracked as CVE-2022-32917 and reported anonymously, the…

CYBER NEWS
shikitega linux malware

New Shikitega Linux Malware Achieves Persistence, Drops XMRig Miner

There’s a new dangerous Linux malware circling the web. Dubbed Shikitega, the malware has been infecting both Linux computers and IoT devices with additional payloads. How Does the Shikitega Malware Operate to Infect a Linux System? Discovered by T&T Alien…

CYBER NEWS
EvilProxy Phishing-as-a-Service Platform Bypasses MFA Mechanisms

EvilProxy Phishing-as-a-Service Platform Bypasses MFA Mechanisms

Cybersecurity researchers just uncovered another phishing-as-a-service [PaaS] platform. Called EvilProxy, the platform is specialized in reverse proxy phishing campaigns aiming to circumvent MFA [multi-factor authentication] mechanisms. EvilProxy: Reverse Proxy Phishing-as-a-Service Platform In computer networking, reverse proxy is a server situated…

CYBER NEWS
Chrome Version 104 Exposed to a Clipboard Overwrite Attack

Chrome Version 104 Exposed to a Clipboard Overwrite Attack

A security loophole affecting Google Chrome, Apple’s Safari and Mozilla Firefox was recently discovered by security researcher Jeff Johnson. The flaw could enable malicious pages to automatically overwrite clipboard content without the need of user interaction. Chrome, Safari and Firefox…

CYBER NEWS
CVE-2022-28799: Severe One-Click Vulnerability in TikTok App for Android

CVE-2022-28799: Severe One-Click Vulnerability in TikTok App for Android

A high severity vulnerability in the TikTok Android app has been fixed. The flaw could enable attackers to take over user accounts by tricking users into clicking a malicious link. Discovered by Microsoft, the vulnerability has already been fixed. Related…

CYBER NEWS
Unknown Threat Actor Drops ModernLoader, RedLine and Crypto Miners

Unknown Threat Actor Drops ModernLoader, RedLine and Crypto Miners

ModernLoader is a new remote access trojan detected by Cisco Talos researchers. ModernLoader Campaigns in the Wild More specifically, the researchers analyzed three separate, but related campaigns in the period March-June 2022 that delivered ModernLoader, RedLine and several cryptocurrency miners.…

CYBER NEWS
New Agenda Ransomware Can Be Customized for Each Target

New Agenda Ransomware Can Be Customized for Each Target

Agenda is a new strain of Golang ransomware specifically targeting healthcare and education organizations in Indonesia, Thailand, South Africa, and Saudi Arabia. Discovered by Trend Micro researchers, Agenda ransomware can reboot compromised systems in safe mode and can attempt to…

CYBER NEWS
Nitrokod Crypto Miner Infects Thousands of Machines in 11 Countries

Nitrokod Crypto Miner Infects Thousands of Machines in 11 Countries

A Turkish-based cryptocurrency mining malware (crypto miner) campaign has been detected. Called Nitrokod and discovered by the Check Point Research team, the campaign has infected machines across 11 countries with a XMRig crypto miner. Nitrokod Cryptominer Campaign: Some Details The…

CYBER NEWS
Malware Statistics 2022: Ransomware Continues to Be the Top Threat

Malware Statistics 2022: Ransomware Continues to Be the Top Threat

A new report by NCC Group sheds light on the threat landscape for the past month (July 2022). Apparently, ransomware attacks are once again on the rise, with LockBit being the most active ransomware in the wild. What else has…

CYBER NEWS
LockBit Ransomware Adds DDoS and Triple Extortion to Its Operation

LockBit Ransomware Adds DDoS, Triple Extortion to Its Operation

The LockBit ransomware group is now working towards improving its protection against DDoS attacks as well as adding triple extortion to its malicious operations. These actions are triggered by a recent clash between LockBit criminals and security firm Entrust. LockBit…

CYBER NEWS
CVE-2022-36804: Critical Atlassian Bitbucket Server Flaw

CVE-2022-36804: Critical Atlassian Bitbucket Server Flaw

Another critical Atlassian vulnerability has been reported in numerous API endpoints of Bitbucket Server and Data Center. The vulnerability in question is CVE-2022-36804, a command injection issue in version 7.0.0 of Bitbucket Server and Data Center. CVE-2022-36804: Atlassian Bitbucket Server…

CYBER NEWS
MagicWeb Post-Exploitation Malware Targets AD FS Servers

MagicWeb Post-Exploitation Malware Targets AD FS Servers

MagicWeb is the name of a new post-exploitation (post-compromise) tool discovered and detailed by Microsoft security researchers. The tool is attributed to the Nobelium APT (advanced persistent threat) group which uses it to maintain persistent access to compromised systems. This…

CYBER NEWS
CVE-2022-2884 gitlab vulnerability

CVE-2022-2884: Critical GitLab Vulnerability Enables Remote Code Execution

GitLab revealed a critical vulnerability for branches 15.1, 15.2, and 15.3 of its community and enterprise editions. The vulnerability, identified as CVE-2022-2884 and rated 9.9 on the CVSS scale, could enable a threat actor to carry out remote command execution…

CYBER NEWS
CVE-2022-2588: Dirty Cred Linux Kernel Vulnerability

CVE-2022-2588: Dirty Cred Linux Kernel Vulnerability

CVE-2022-2588, also known as Dirty Cred, is an eight-year old vulnerability in the Linux kernel that has been described as “as nasty as Dirty Pipe”. The Connection Between CVE-2022-2588 and CVE-2022-0847 Dirty Pipe, or CVE-2022-0847, was disclosed earlier this year…

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree