Cyber News - Page 3

Home > Cyber News

This category contains informative articles and news.
Cyber News about data breaches, online privacy and security, computer security threats, cybersecurity reports, vulnerability reports. News about the latest malware attacks.
Hot news about the security of Microsoft (Patch Tuesdays), Google, Android, Apple, Linux, and other big companies and software vendors.

CYBER NEWS
CVE-2023-52160 Wi-Fi Flaws Expose Android and Linux Devices

CVE-2023-52160: Wi-Fi Flaws Expose Android and Linux Devices

Two authentication bypass vulnerabilities were uncovered in open-source Wi-Fi software utilized across Android, Linux, and ChromeOS devices. These vulnerabilities, identified as CVE-2023-52160 and CVE-2023-52161, present a concerning scenario where users could unwittingly connect to malicious networks or allow unauthorized access…

CYBER NEWS
Migo Malware a New Threat for Linux Systems and Redis Servers

Migo Malware: a New Threat for Linux Systems and Redis Servers

A sophisticated malware campaign dubbed Migo was recently uncovered, strategically targeting Redis servers to infiltrate Linux hosts for cryptocurrency mining. This latest discovery sheds light on the evolving tactics of cybercriminals in exploiting cloud-based services for malicious purposes. Migo Malware:…

CYBER NEWS
The PrintListener Attack

PrintListener: Fingerprint Authentication Vulnerability Exposes Our Identities

Fingerprint authentication has widespread adoption in identity verification systems owing to its speed and cost-efficiency. However, the risk of fingerprint leakage poses serious security concerns, as outlined in a new research paper called “PrintListener: Uncovering the Vulnerability of Fingerprint Authentication…

CYBER NEWS
LockBit Operation Cronos

Operation Cronos: the End of LockBit Ransomware?

Law enforcement agencies from 11 countries have joined forces to dismantle the notorious LockBit ransomware operation in a collaborative effort known as Operation Cronos. This coordinated action marks a significant blow against cybercriminal activity, with the National Crime Agency of…

CYBER NEWS
Private Network Access Chrome Feature Protects Home Networks

Private Network Access Chrome Feature Protects Home Networks

Google is rolling out a new feature aimed at thwarting malicious websites from exploiting vulnerabilities within users’ internal networks. This innovative safeguard is designed to shield devices such as printers and routers, traditionally deemed safe within home networks, from potential…

CYBER NEWS
MrAgent New Tool for Ransomware Attacks on ESXi Servers-min

MrAgent: New Tool for Ransomware Attacks on ESXi Servers

Among the latest developments in the field of ransomware innovations is the emergence of ‘MrAgent,’ a new tool unleashed by the RansomHouse ransomware operation. The tool is designed to automate the deployment of the data encrypter across multiple VMware ESXi…

CYBER NEWS
GoldPickaxe iOS Trojan Extracts Facial Recognition Data, Uses Deepfakes

GoldPickaxe iOS Trojan Extracts Facial Recognition Data, Uses Deepfakes

A Chinese-speaking threat actor known as GoldFactory has emerged as a significant player, responsible for the development of highly sophisticated banking trojans. Among its arsenal is a previously undocumented iOS malware named GoldPickaxe, capable of extracting sensitive personal data including…

CYBER NEWS
CVE-2024-21410 Microsoft Exchange Server Flaw Exploited in the Wild

CVE-2024-21410: Microsoft Exchange Server Flaw Exploited in the Wild

Microsoft has confirmed the exploitation of a critical security vulnerability in Exchange Server which was addressed in February 2024 Patch Tuesday. This acknowledgment comes just a day after the company issued fixes for the flaw as part of its routine…

CYBER NEWS
Microsoft's February 2024 Patch Tuesday

Microsoft’s February 2024 Patch Tuesday Fixes 2 Zero-Days

Microsoft’s February 2024 Patch Tuesday is already a fact, bringing forth a number of security updates. This month’s release addresses a total of 73 flaws, with a particular focus on tackling two actively exploited zero-day vulnerabilities that have been causing…

CYBER NEWS
CVE-2023-43770 in Roundcube Email Software Exploited in the Wild

CVE-2023-43770 in Roundcube Email Software Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a vulnerability in the Roundcube email software to its Known Exploited Vulnerabilities (KEV). Identified as CVE-2023-43770 with a CVSS score of 6.1, this cross-site scripting (XSS) vulnerability has been actively…

CYBER NEWS
Raspberry Robin Malware Uses N-Day Exploits, Advanced Evasion

Raspberry Robin Malware Uses N-Day Exploits, Advanced Evasion

Recent iterations of the Raspberry Robin malware have raised alarm among cybersecurity experts due to their increased stealth and utilization of one-day (n-day, or known) exploits targeting vulnerable systems. These exploits, designed to leverage recently patched vulnerabilities, capitalize on delays…

CYBER NEWS
RustDoor macOS Backdoor Linked to Ransomware Groups

RustDoor macOS Backdoor Linked to Ransomware Groups

Security researchers have uncovered a new sophisticated backdoor targeting macOS and dubbed RustDoor also known as Trojan.MAC.RustDoor. Operative since November 2023, this malicious software, identified by Bitdefender, operates under the guise of a Microsoft Visual Studio update, posing a grave…

CYBER NEWS
Hyundai Motor Europe Hit by Black Basta 3TB Data Stolen

Hyundai Motor Europe Hit by Black Basta: 3TB Data Stolen

Hyundai Motor Europe, the European division of Hyundai Motor Company, headquartered in Germany, has fallen victim to a devastating double extortion ransomware attack. The attack, perpetrated by the Black Basta ransomware gang, has resulted in the theft of three terabytes…

CYBER NEWS
CVE-2024-21762 Critical Flaw in FortiOS SSL VPN Exploited

CVE-2024-21762: Critical Flaw in FortiOS SSL VPN Exploited

Fortinet has recently uncovered a critical security vulnerability, designated as CVE-2024-21762, within its FortiOS SSL VPN software. This flaw, with a severity score of 9.6 on the CVSS scale, enables remote attackers to execute arbitrary code or commands via specially…

CYBER NEWS
CVE-2023-40547 Shim RCE Vulnerability

CVE-2023-40547: Shim RCE Flaw Impacts Major Linux Distros

The developers behind shim, the essential software component utilized as a first-stage boot loader on UEFI systems, have recently unveiled version 15.8, aiming to rectify six security vulnerabilities. Among them, a critical bug poses a severe threat, potentially enabling remote…

CYBER NEWS
CVE-2024-23917 Critical JetBrains Takeover Vulnerability

CVE-2024-23917: Critical JetBrains Takeover Vulnerability

JetBrains, the renowned developer of integrated development environments, has issued a critical alert urging all customers to update their TeamCity On-Premises servers. CVE-2024-23917 Should Be Patched Urgently The urgency stems from a severe authentication bypass vulnerability, tracked as CVE-2024-23917, discovered…

CYBER NEWS
Ov3r_Stealer Malware Spread Via Fake Facebook Job Ads-min

Ov3r_Stealer Malware Spread Via Fake Facebook Job Ads

Trustwave SpiderLabs’ recent report uncovered the usage of fake Facebook job ads to lure victims into installing a new Windows-based stealer malware called Ov3r_Stealer. Ov3r_Stealer Malware Modus Operandi Ov3r_Stealer is a multifaceted malware designed to steal sensitive information such as…

CYBER NEWS
CVE-2024-21893 Ivanti Flaw Under Active, Mass Exploitation-min

CVE-2024-21893: Ivanti Flaw Under Active, Mass Exploitation

A critical server-side request forgery vulnerability (CVE-2024-21893), affecting Ivanti Connect Secure and Policy Secure products has been exploited at an alarming scale, raising significant concerns in the cybersecurity community. The Shadowserver Foundation reported a surge in exploitation attempts, originating from…

CYBER NEWS
mispadu trojan attacks

Mispadu Trojan Now Exploiting CVE-2023-36025 Windows Flaw

The Mispadu banking Trojan has once again made headlines, leveraging a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. Palo Alto Networks Unit 42, in a recent report, disclosed details of a new variant of the malware,…

CYBER NEWS
Cloudflare Discloses Nation-State Attack on Its Infrastructure

Cloudflare Discloses Nation-State Attack on Its Infrastructure

Cloudflare, the leader in web infrastructure, has publicly revealed the details of a highly sophisticated nation-state attack that unfolded between November 14 and 24, 2023. The assailants, employing stolen credentials, gained unauthorized access to Cloudflare’s Atlassian server, allowing them to…

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree