Cyber News - Page 3

Home > Cyber News

This category contains informative articles and news.
Cyber News about data breaches, online privacy and security, computer security threats, cybersecurity reports, vulnerability reports. News about the latest malware attacks.
Hot news about the security of Microsoft (Patch Tuesdays), Google, Android, Apple, Linux, and other big companies and software vendors.

CYBER NEWS
CVE-2023-3079- Type Confusion Vulnerability in Chrome

CVE-2023-3079: Type Confusion Vulnerability in Chrome

CVE-2023-3079 is a type confusion bug in V8. On Monday, Google released a security patch to take care of a critical vulnerability in the Chrome web browser, which it claimed had already been subjected to an attack. CVE-2023-3079 in Chrome:…

CYBER NEWS
Latest Magecart Campaign Abuses Legitimate Sites to Exfiltrate Data

Latest Magecart Campaign Abuses Legitimate Sites to Exfiltrate Data

Security researchers recently detected an active and continuous operation with a large scale, administering Magecart infiltration attacks on legitimate e-commerce websites. New Magecart Campaign Detected in the Wild Recent weeks have shown a surge in Magecart-style skimmer campaigns. This new…

CYBER NEWS
CVE-2023-21492 in Samsung Devices that Run Android 11, 12, ND 13

CVE-2023-21492 in Samsung Devices that Run Android 11, 12, 13

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding active exploitation of medium-severity Samsung device vulnerability, tracked as CVE-2023-21492 and scoring 4.4 on CVSS. The issue impacts Samsung Devices running Android versions 11, 12, and 13.…

CYBER NEWS
CVE-2023-27217 Discovered in Belkin's Wemo Mini Smart Plug

CVE-2023-27217 Discovered in Belkin’s Wemo Mini Smart Plug

CVE-2023-27217 is a new security vulnerability in Belkin’s second-generation Wemo Mini Smart Plug, which was discovered by Israeli IoT security company Sternum. Belkin’s second-generation Wemo Mini Smart Plug (F7C063) was found to contain a buffer overflow vulnerability, identified as CVE-2023-27217,…

CYBER NEWS
Meet Geacon- Cobalt Strike's macOS Variant

Meet Geacon: Cobalt Strike’s macOS Variant

Recent months have seen an uptick in the number of Geacon payloads appearing on VirusTotal, a Golang implementation of Cobalt Strike specifically designed for targeting Apple macOS systems. According to SentinelOne’s security researchers Phil Stokes and Dinesh Devadoss, some of…

CYBER NEWS
New MichaelKors Ransomware Targets ESXi and Linux

New MichaelKors Ransomware Targets ESXi and Linux

Due to VMware’s popularity in the virtualization field and its prominence in many organization’s IT systems, their virtual infrastructure products have become highly attractive targets for attackers. This increase in attacks is due to a lack of security tools, inadequate…

CYBER NEWS
CVE-2022-30190 Used in Attacks to Drop XWorm Malware

CVE-2022-30190 Used in Attacks to Drop XWorm Malware

An ongoing phishing campaign known as MEME#4CHAN has been uncovered in the wild, which uses a peculiar attack chain to deliver XWorm malware to targeted systems. Den Iuzvyk, Tim Peck, and Oleg Kolesnikov of Securonix recently revealed that the campaign…

CYBER NEWS
CVE-2023-29324 in MSHTML Affects All Windows Versions

CVE-2023-29324 in MSHTML Affects All Windows Versions

CVE-2023-29324 is a new vulnerability in the Windows MSHTML platform. CVE-2023-29324 Technical Overview: What Is Known So Far First of, let’s explain what the MSHTML platform is. MSHTML, commonly referred to as Trident, is the browser engine used by Microsoft’s…

CYBER NEWS
CVE-2023-29336- Microsoft Fixes Privilege Escalation Flaw in Win32k

CVE-2023-29336: Microsoft Fixes Privilege Escalation Flaw in Win32k

Microsoft has released its May 2023 Patch Tuesday updates to tackle 38 security issues, including one zero-day bug that is reportedly being exploited in the wild. Microsoft’s May 2023 Patch Tuesday According to Trend Micro’s Zero Day Initiative (ZDI), this…

CYBER NEWS
CVE-2018-9995 in TBK Devices Exploited in the Wild

CVE-2018-9995 in TBK Devices Exploited in the Wild

FortiGuard Labs recently warned in an outbreak alert of a five-year-old flaw being abused by threat actors, affecting TBK digital video recording (DVR) devices. This severe security vulnerability, which has been designated CVE-2018-9995 (CVSS score: 9.8), is a critical authentication…

CYBER NEWS
LOBSHOT- a Covert, Info-Stealing Malware on the Loose

LOBSHOT: a Covert, Info-Stealing Malware on the Loose

Cybersecurity researchers recently uncovered several malicious campaigns which used Google ads to disseminate malware like Gozi, RedLine, Vidar, Cobalt Strike, SectoRAT, and Royal Ransomware, masking them as legitimate applications such as 7-ZIP, VLC, OBS, Notepad++, CCleaner, TradingView, and Rufus. One…

CYBER NEWS
CVE-2023-27524- Vulnerability in Apache Superset Software

CVE-2023-27524: Vulnerability in Apache Superset Software

Maintainers of the Apache Superset open source data visualization software have issued updates to address a security vulnerability, tracked as CVE-2023-27524, with a CVSS score of 8.9. This vulnerability, which is present in versions 2.0.1 and prior, is caused by…

CYBER NEWS
CVE-2023-20036- Highly Severe Cisco Industrial Network Director Vulnerability

CVE-2023-20036: Highly Severe Cisco Industrial Network Director Vulnerability

Cisco recently addressed a highly severe vulnerability in one of its products. Cisco recently released an advisory detailing a critical command injection flaw found in their Industrial Network Director. The vulnerability has been identified as CVE-2023-20036, with a CVSS score…

CYBER NEWS
CVE-2023-29199- vm2 JavaScript Library Contains Severe Vulnerabilities

CVE-2023-29199: vm2 JavaScript Library Contains Severe Vulnerabilities

The vm2 JavaScript library has just released two new patches to mitigate two critical vulnerabilities, CVE-2023-29199 and CVE-2023-30547, both rated 9.8 on the CVSS scoring system. Versions 3.9.16 and 3.9.17, respectively, contain the fixes for the bugs which enable an…

CYBER NEWS
Goldoson Android Malware Downloaded 100 Million Times

Goldoson Android Malware Downloaded 100 Million Times

The malicious Goldoson app was downloaded more than 100 million times from the Google Play Store, causing an Android-based malware outbreak. Cybersecurity researchers recently identified a malicious Android strain called Goldoson, which has infiltrated more than 60 applications on the…

CYBER NEWS
CVE-2023-20963 Exploited by Chinese E-commerce App Pinduoduo

CVE-2023-20963 Exploited by Chinese E-commerce App Pinduoduo

CVE-2023-20963 is a highly severe Android vulnerability used as a zero-day attack. What Is CVE-2023-20963 and Why Is It Dangerous? The United States Cybersecurity and Infrastructure Security Agency (CISA) released recently a high-severity warning in regards to an Android vulnerability…

CYBER NEWS
CVE-2023-28252 Exploited by Nokoyawa Ransomware

CVE-2023-28252 Exploited by Nokoyawa Ransomware

Yet another Patch Tuesday has rolled out, addressing a total of 97 security vulnerabilities in various Microsoft products. April 2023 Patch Tuesday: What Has Been Patched? This Tuesday, Microsoft released a set of 97 security updates to address various flaws…

CYBER NEWS
Apple Fixes CVE-2023-28206, CVE-2023-28205 Zero-Days

Apple Fixes CVE-2023-28206, CVE-2023-28205 Zero-Days

Apple has released emergency updates to address two actively exploited zero-day flaws on older iPhones, iPads, and Macs. The company stated that they are aware of a report that this issue may have been actively exploited. CVE-2023-28206, CVE-2023-28205 Zero-Days The…

CYBER NEWS
Five Dangerous Vulnerabilities Exploited in the Wild (CVE-2023-26083)

Five Dangerous Vulnerabilities Exploited in the Wild (CVE-2023-26083)

The Cybersecurity and Infrastructure Security Agency, shortly known as CISA, has just added five new security flaws to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. Since the risks are severe, immediate actions to remediate the…

CYBER NEWS
New CryptoClippy Malware Targets Portuguese Cryptocurrency Owners

New CryptoClippy Malware Targets Portuguese Cryptocurrency Owners

Security researchers uncover a new clipper malware campaign targeting Portuguese speakers. Meet CryptoClippy Palo Alto’s Unit 42 team recently uncovered a malicious campaign that is targeting Portuguese speakers with a type of malware known as a cryptocurrency clipper (clipper malware).…

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree