Cyber Security News

Researchers from Aqua identified critical vulnerabilities in six Amazon Web Services (AWS): CloudFormation, Glue, EMR, SageMaker, ServiceCatalog, and CodeStar. These vulnerabilities varied in severity, potentially allowing remote code execution, full-service user takeover, AI module manipulation, data exposure, data exfiltration, and denial of service (DoS) attacks. The vulnerabilities could have affected any organization using these services […]

The post Critical Vulnerabilities in AWS Lets Attackers Gain Full-Service Remotely appeared first on Cyber Security News.

Security researchers have uncovered severe vulnerabilities in the Ewon Cosy+, a widely used industrial remote access gateway tool, allowing them to gain root access and compromise the device’s security. The findings, presented at DEF CON 32, highlight significant risks to industrial infrastructure and remote access systems. The Ewon Cosy+, developed by HMS Networks, is designed […]

The post Researchers Hacked Industrial Remote Access Gateway Tool to Gain Root Access appeared first on Cyber Security News.

IBM has disclosed a vulnerability in its Aspera Shares software, CVE-2023-38018. This flaw in user session handling could potentially allow attackers to impersonate any user within the system, posing a substantial security risk for organizations relying on this software for data transfer. CVE-2023-38018 – Vulnerability Details The vulnerability arises from IBM Aspera Shares’ failure to […]

The post IBM Aspera Shares Vulnerability Let Attackers Login as Any User appeared first on Cyber Security News.

A critical security vulnerability has been discovered in OpenSSH implementations on FreeBSD systems, potentially allowing attackers to execute remote code without authentication. The vulnerability, identified as CVE-2024-7589, affects all supported versions of FreeBSD. The issue stems from a signal handler in the SSH daemon (sshd) that may call logging functions that are not async-signal-safe. This […]

The post Critical OpenSSH Vulnerability in FreeBSD Let’s Attackers Gain Root Access Remotely appeared first on Cyber Security News.

Monitoring an Active Directory (AD) involves tracking and analyzing business AD events and activity. Windows-based systems store and manage network resources, user accounts, groups, and security rules in Active Directory. Monitoring supports AD’s availability, security, and proper operation. Active Directory monitoring tools capture and analyze user authentication, logon/logoff events, group membership changes, password policy violations, […]

The post Best Active Directory Monitoring Tools – 2024 appeared first on Cyber Security News.

Our Weekly Cybersecurity Newsletter is your personal radar that will help you to surf through the ever-changing digital threat landscape. This analysis, however, is not just a news report but aims to provide context, possible impact evaluations, and practical mitigation strategies. Whether it is securing enterprise infrastructure, building secure applications, or hardening personal digital life: […]

The post Weekly Cyber Security News Letter – Data Breaches, Vulnerability, Cyber Attack & More appeared first on Cyber Security News.

Microsoft researchers have recently uncovered multiple medium-severity vulnerabilities in OpenVPN, a widely used open-source VPN software. OpenVPN is used by thousands of companies across various industries, including information technology, financial services, telecommunications, and computer software, on major platforms such as Windows, iOS, macOS, Android, and BSD. Are you from SOC and DFIR Teams? Analyse Malware […]

The post Critical OpenVPN Vulnerabilities Expose Millions of Devices to RCE Attack appeared first on Cyber Security News.

Microsoft has disclosed a significant security vulnerability in its Office suite, identified as CVE-2024-38200, which could potentially allow attackers to access sensitive information. This spoofing vulnerability affects multiple versions of Microsoft Office, including Office 2016, Office 2019, Office LTSC 2021, and Microsoft 365 Apps for Enterprise, across both 32-bit and 64-bit systems. The vulnerability, rated […]

The post Microsoft Office Spoofing Vulnerability Let Attackers Steal Sensitive Data appeared first on Cyber Security News.

A popular open-source firewall software pfSense vulnerability has been identified, allowing for remote code execution (RCE) attacks. The vulnerability, tracked as CVE-2022-31814, highlights potential risks in pfSense installations, particularly those using the pfBlockerNG package. pfSense is a widely used, FreeBSD-based firewall and router software that offers enterprise-grade features and security. It is renowned for its […]

The post Open Source Firewall pfsense Vulnerable to Remote Code Execution Attacks appeared first on Cyber Security News.

In November 2023, hackers from Iran hacked the Municipal Water Authority of Aliquippa, Pennsylvania. They targeted a vulnerable control system and damaged it with anti-Israel statements. Two months later, in January 2024, Russians attacked Muleshoe and Abernathy water facilities, causing minor disruptions such as the overflowing of water storage tanks. These are incidents that reveal […]

The post Thousands Of Internet-Connected ICS Devices Exposes Critical Infrastructure To Cyber Attacks appeared first on Cyber Security News.

The giant global electricity network intercrosses the fast-growing solar power infrastructure and ubiquitous Internet of Things, making a complex point of energy and data. This intersection relies on vulnerable inverters and controllers—key elements that may be vulnerable spots as per recent studies.  Cybersecurity analysts at BitDefender recently discovered that a series of Solar Power system […]

The post Series Of Solar Power System Vulnerabilities Impacts Millions Of Installations appeared first on Cyber Security News.

Clearlake is a cyber threat operation that distributes fake antivirus software to make users perceive their system as infected. Sometimes, malicious software can be designed to ask for payment to remove it, or it installs more malware that steals sensitive data or causes further damage to the victim’s system. Cybersecurity analysts at Avast Threat Labs […]

The post Threat Actors Hijacking Websites To Deliver .NET-Based Malware appeared first on Cyber Security News.

Roundcube, a widely adopted open-source webmail application, is included by default in the popular cPanel web hosting control panel, leading to millions of installations worldwide.  The software is commonly used by universities and government agencies, making the email accounts of public sector employees a valuable target for Advanced Persistent Threat (APT) groups engaged in espionage.  […]

The post Critical XSS Vulnerability In Roundcube Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Attackers obtain system configuration files by taking advantage of software or protocols that are installed on devices, such as by abusing the legacy Cisco Smart Install feature. Additionally, CISA notes that weak password types are still being used on Cisco network devices. Password cracking attacks are made possible by the use of weak password types.  […]

The post CISA Warns of Hackers Exploiting Cisco Smart Install Feature appeared first on Cyber Security News.

ADT Inc., a prominent security and automation solutions provider, reported that unauthorized actors accessed specific databases containing customer order information. The company swiftly addressed the breach, which raised concerns about data security and customer privacy. Unauthorized Access and Immediate Response ADT became aware of the breach when unauthorized actors illegally accessed customer order information databases. […]

The post ADT Data Breach: Customers Personal Information Exposed appeared first on Cyber Security News.

At the recent Black Hat USA conference, security researcher Michael Bargury unveiled alarming vulnerabilities within Microsoft Copilot, demonstrating how hackers can potentially exploit this AI-powered tool for malicious purposes. This revelation underscores the urgent need for organizations to reassess their security measures when using AI technologies like Microsoft Copilot. Bargury’s presentation highlighted several methods through […]

The post Researchers Demonstrate How Hackers Can Exploit Microsoft Copilot appeared first on Cyber Security News.

Cisco has announced the integration of its Talos threat intelligence across multiple Splunk security products, marking a significant milestone in the company’s efforts to combine capabilities following its acquisition of Splunk earlier this year. Cisco Talos threat intelligence integration is now available for Splunk Attack Analyzer, with upcoming integrations planned for Splunk Enterprise Security and […]

The post Cisco Integrated Talos Threat Intelligence for All Splunk Users appeared first on Cyber Security News.

A critical vulnerability, identified as CVE-2024-7553, has been discovered in MongoDB. It could potentially allow attackers to take complete control of Windows systems. This vulnerability arises from incorrect validation of files loaded from a local untrusted directory, which can lead to local privilege escalation on Windows operating systems. The flaw affects several versions of MongoDB […]

The post MongoDB Vulnerability Allows Attackers to Gain Complete Control of Windows Systems appeared first on Cyber Security News.

Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group. This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data, demanding ransom payments for decryption and data protection. Double extortion ransomware is a particularly dangerous type of cyberattack in which attackers […]

The post New Double-Extortion Ransomware Attacking Linux Machines appeared first on Cyber Security News.

A recent research presentation at Black Hat USA 2024 revealed architectural vulnerabilities within the Apache HTTP Server, a widely used web server software. The research highlights several technical debts within Httpd, including three types of Confusion Attacks, nine new vulnerabilities, 20 exploitation techniques, and over 30 case studies. Apache HTTP Server operates through a modular […]

The post Confusion Attacks in Apache HTTP Server Let Attackers Gain Root Access Remotely appeared first on Cyber Security News.