Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Retour à Sécurité

Security Affairs

    • 20 avril 2024Critical CrushFTP zero-day exploited in attacks in the wild
      Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn. CrushFTP is a file transfer server software that enables secure and efficient file transfer capabilities. It supports various features such as FTP, SFTP, FTPS, HTTP, HTTPS, WebDAV, and WebDAV SSL protocols, allowing users to transfer files securely over different netw …

    • 20 avril 2024A French hospital was forced to reschedule procedures after cyberattack
      A French hospital was forced to return to pen and paper and postpone medical treatments after a cyber attack. A cyber attack hit Hospital Simone Veil in Cannes (CHC-SV) on Tuesday, impacting medical procedures and forcing personnel to return to pen and paper. The Hospital Simone Veil in Cannes is a public hospital located in Cannes, France. The hospital provides a range of medical services and hea …

    • 19 avril 2024MITRE revealed that nation-state actors breached its systems via Ivanti zero-days
      The MITRE Corporation revealed that a nation-state actor compromised its systems in January 2024 by exploiting Ivanti VPN zero-days. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. The security team at the organization promptly launched an investigation, logged out the threat actor, and engaged third-party forensics Incident Response teams to condu …

    • 19 avril 2024FBI chief says China is preparing to attack US critical infrastructure
      China-linked threat actors are preparing cyber attacks against U.S. critical infrastructure warned FBI Director Christopher Wray. FBI Director Christopher Wray warned this week that China-linked threat actors are preparing an attack against U.S. critical infrastructure, Reuters reported. According to the FBI chief, the Chinese hackers are waiting “for just the right moment to deal a devastat …

    • 19 avril 2024United Nations Development Programme (UNDP) investigates data breach
      The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) is investigating an alleged ransomware attack that resulted in data theft. The United Nations Development Programme (UNDP) is a United Nations agency tasked with helping countries eliminate poverty and ach …

    • 18 avril 2024FIN7 targeted a large U.S. carmaker with phishing attacks
      BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative r …

    • 18 avril 2024Law enforcement operation dismantled phishing-as-a-service platform LabHost
      An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordinated by Europol, led to the disruption of LabHost, which is one of the world’s largest phishing-as-a-service platforms. Law enforcement from 19 countries participated in the operation which resulted in the …

    • 18 avril 2024Previously unknown Kapeka backdoor linked to Russian Sandworm APT
      Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapeka that has been used in attacks targeting victims in Eastern Europe since at least mid-2022. The backdoor is very sophisticated, it serves as both an initial toolkit and as a backdoor for maintaining long …

    • 18 avril 2024Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available
      Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue. The PoC exploit code allows a local attacker to escalate privileges to root. Cisco Integrated Management Contro …

    • 17 avril 2024Linux variant of Cerber ransomware targets Atlassian servers
      Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server. The vulnerability is an improper authorization issue that can lead to significant d …

The Hackers News

    • 21 avril 2024New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth
      A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware. RedLine Stealer,&nbsp

    • 20 avril 2024Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
      Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as « intricate » and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software. « In

    • 20 avril 2024Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
      Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. « CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files, » CrushFTP said in an advisory released Friday.

    • 19 avril 2024BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool
      Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. « Waterbear is known for its complexity, as it

    • 19 avril 2024How Attackers Can Own a Business Without Touching the Endpoint
      Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services.  Before getting into the details of the attack techniques being used, let’s discuss why …

    • 19 avril 2024Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
      Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. « Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia, » cybersecurity agencies from the Netherlands and the U.S.,

    • 19 avril 2024Hackers Target Middle East Governments with Evasive "CR4T" Backdoor
      Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior. The campaign has been codenamed 

    • 18 avril 2024OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
      Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform since 2018. More than 20 such documents have been uploaded since 2022. « The documents contained VBA

    • 18 avril 2024FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
      The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). « FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights, » the BlackBerry research and intelligence team said in a new write-up. « They

    • 18 avril 2024Recover from Ransomware in 5 Minutes—We will Teach You How!
      Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use

Dark Reading
Erreur: Il y a un erreur avec ce flux.



E Hacking News | Latest Hacker News and IT Security News
Erreur: Il y a un erreur avec ce flux.

Aucun contenu.

GBHackers On Security
Aucun contenu.

Cyber Defense Magazine
Erreur: Il y a un erreur avec ce flux.

blackMORE Ops

    • 5 mars 2024Whispers: A Powerful Static Code Analysis Tool for Credential Detection
      “My little birds are everywhere, even in the North, they whisper to me the strangest stories.” – Lord Varys Meet Whispers, an advanced static code analysis tool meticulously designed to parse various common data formats, unveiling hardcoded credentials, and identifying potentially hazardous functions. Whispers seamlessly integrates into both the command-line interface (CLI) and y …

    • 5 mars 2024Enabling AMD GPU for Hashcat on Kali Linux: A Quick Guide
      If you’ve encountered an issue where Hashcat initially only recognizes your CPU and not the GPU, this guide can help you enable your AMD RX570 GPU for accelerated hashing. Here’s a streamlined version of the steps you took: Initial Setup: Running hashcat -I initially only detected the CPU. Download AMD Drivers: Visit the official AMD … The post Enabling AMD GPU for Hashcat on Kal …

    • 5 mars 2024Identifying harmful activity on your captured traffic
      This Python script utilises Wireshark or TCPdump to analyse network traffic stored in a specified .pcap or .pcapng file. The objective is to detect potential malicious activities and attacks. The script covers a range of suspicious network behaviors, including: DNS Tunneling SSH Tunneling TCP Session Hijacking SMB Attack SMTP or DNS Attack IPv6 Fragmentation Attack … The post Identifying har …

    • 20 mai 2023Nyxt: Hacker’s Dream Browser
      In the ever-evolving digital landscape, the demand for specialized tools and platforms has grown exponentially. For hackers and technology enthusiasts, having a browser that caters to their unique needs and empowers their capabilities is crucial. Enter Nyxt, an innovative and versatile web browser designed specifically with hackers in mind. With its rich feature set, customizable … The post …

    • 19 mai 2023Migrate Plex Server – Ubuntu
      To migrate your Plex server to a new Ubuntu server, you can follow these steps: 1. Set up the new Ubuntu server: Install Ubuntu on the new server and ensure that it is up to date with the latest updates and packages. 2. Install Plex Media Server: On the new Ubuntu server, download and install … The post Migrate Plex Server – Ubuntu appeared first on blackMORE Ops. …

Hacker Ritz
Erreur: Il y a un erreur avec ce flux.