CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
Tue, 14 Jan 2025 08:51:00 +0530
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild.
The vulnerability in question is CVE-2024-12686 (CVSS score: 6.6), a medium-severity bug that could
https://thehackernews.com/2025/01/cisa-adds-new-beyondtrust-flaw-to-kev.html
AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming
Mon, 13 Jan 2025 18:42:37 +0000
Redmond’s AI Red Team says human involvement remains irreplaceable in addressing nuanced risks.
The post AI Won’t Take This Job: Microsoft Says Human Ingenuity Crucial to Red-Teaming appeared first on SecurityWeek.
https://www.securityweek.com/ai-wont-take-this-job-microsoft-says-human-ingenuity-crucial-to-red-teaming/
Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability
Mon, 13 Jan 2025 14:23:12 +0000
A fake proof-of-concept (PoC) exploit for a recent LDAP vulnerability distributes information stealer malware.
The post Infostealer Masquerades as PoC Code Targeting Recent LDAP Vulnerability appeared first on SecurityWeek.
https://www.securityweek.com/infostealer-masquerades-as-poc-code-targeting-recent-ldap-vulnerability/
US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals
Mon, 13 Jan 2025 13:39:26 +0000
The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers.
The post US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals appeared first on SecurityWeek.
https://www.securityweek.com/us-charges-3-russians-for-operating-cryptocurrency-mixers-used-by-cybercriminals/
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
Mon, 13 Jan 2025 19:03:00 +0530
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners.
Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
https://thehackernews.com/2025/01/hackers-exploit-aviatrix-controller.html
Emerging FunkSec Ransomware Developed Using AI
Mon, 13 Jan 2025 12:21:01 +0000
Developed with the help of AI, the emerging FunkSec ransomware claimed over 80 victims in December 2024.
The post Emerging FunkSec Ransomware Developed Using AI appeared first on SecurityWeek.
https://www.securityweek.com/emerging-funksec-ransomware-developed-using-ai/
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
Mon, 13 Jan 2025 17:35:00 +0530
The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down what’s happening, why it matters, and what you can do to stay secure.
Let’s turn awareness into action and keep one step ahead
https://thehackernews.com/2025/01/thn-weekly-recap-top-cybersecurity_01424177917.html
Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS
Mon, 13 Jan 2025 12:04:18 +0000
Juniper Networks has patched multiple high-severity vulnerabilities in Junos OS and its third-party components.
The post Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS appeared first on SecurityWeek.
https://www.securityweek.com/juniper-networks-fixes-high-severity-vulnerabilities-in-junos-os/
Ransomware on ESXi: The Mechanization of Virtualized Attacks
Mon, 13 Jan 2025 17:00:00 +0530
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet (according to Shodan), the operational and business impact of these attacks is profound.
Most of the Ransomware strands that are attacking ESXi servers nowadays, are variants of the
https://thehackernews.com/2025/01/ransomware-on-esxi-mechanization-of.html
China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports
Mon, 13 Jan 2025 11:25:32 +0000
Chinese cyberspies targeted offices dealing with foreign investments and sanctions in the recent US Treasury hack.
The post China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports appeared first on SecurityWeek.
https://www.securityweek.com/china-targeted-foreign-investment-sanctions-offices-in-treasury-hack-reports/
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
Mon, 13 Jan 2025 12:10:00 +0530
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system (CMS).
“This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment
https://thehackernews.com/2025/01/wordpress-skimmers-evade-detection-by.html
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
Mon, 13 Jan 2025 11:31:00 +0530
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per domain.
Cybersecurity company watchTowr Labs said it pulled off the operation by registering over 40 domain names that the backdoors had been designed to use for command-and-control (C2). In partnership with the
https://thehackernews.com/2025/01/expired-domains-allowed-control-over.html
Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Sat, 11 Jan 2025 13:24:00 +0530
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence (AI) services and produce offensive and harmful content.
The tech giant’s Digital Crimes Unit (DCU) said it has observed the threat actors “develop
https://thehackernews.com/2025/01/microsoft-sues-hacking-group-exploiting.html
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Sat, 11 Jan 2025 12:15:00 +0530
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.
Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of
https://thehackernews.com/2025/01/doj-indicts-three-russians-for.html
Meloni Says Italy Is Exploring Deals on Telecoms Security, but Denies Private Talks With Musk
Fri, 10 Jan 2025 17:17:16 +0000
If the deal is sealed, SpaceX would provide encryption services for the Italian government and communications infrastructure for the military and emergency services.
The post Meloni Says Italy Is Exploring Deals on Telecoms Security, but Denies Private Talks With Musk appeared first on SecurityWeek.
https://www.securityweek.com/meloni-says-italy-is-exploring-deals-on-telecoms-security-but-denies-private-talks-with-musk/
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices
Fri, 10 Jan 2025 21:09:00 +0530
Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution.
The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14.
“Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote
https://thehackernews.com/2025/01/google-project-zero-researcher-uncovers.html
In Other News: Bank of America Warns of Data Breach, Trucking Cybersecurity, Treasury Hack Linked to Silk Typhoon
Fri, 10 Jan 2025 13:21:07 +0000
Noteworthy stories that might have slipped under the radar: 2025 trucking cybersecurity report, Bank of America discloses data breach, Silk Typhoon behind US Treasury hack.
The post In Other News: Bank of America Warns of Data Breach, Trucking Cybersecurity, Treasury Hack Linked to Silk Typhoon appeared first on SecurityWeek.
https://www.securityweek.com/in-other-news-bank-of-america-warns-of-data-breach-trucking-cybersecurity-treasury-hack-linked-to-silk-typhoon/
Banshee macOS Malware Expands Targeting
Fri, 10 Jan 2025 12:25:09 +0000
The latest version of the Banshee macOS information stealer no longer checks if the infected systems have the Russian language installed.
The post Banshee macOS Malware Expands Targeting appeared first on SecurityWeek.
https://www.securityweek.com/banshee-macos-malware-expands-target-list/
Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach
Fri, 10 Jan 2025 12:11:05 +0000
Substance abuse treatment provider BayMark Health Services says patient personal information was compromised in a data breach.
The post Major Addiction Treatment Firm BayMark Confirms Ransomware Attack Caused Data Breach appeared first on SecurityWeek.
https://www.securityweek.com/major-addiction-treatment-firm-baymark-confirms-ransomware-attack-caused-data-breach/
Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs
Fri, 10 Jan 2025 17:29:00 +0530
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen as a requirement for tracking cybersecurity progress, it often becomes bogged down with technical jargon, complex data, and disconnected spreadsheets that fail to
https://thehackernews.com/2025/01/taking-pain-out-of-cybersecurity.html