Aggregator

76% of security leaders favor cybersecurity-focused GenAI tools over domain-agnostic tools

The EU announced sanctions against individuals and entities involved in cyber-attacks and disinformation campaigns on behalf of the Russian state

Китай запускает первую партию сателлитов, которые выведут страну на новый уровень спутникового интернета.

A vulnerability was found in Dell AppSync 4.6.0.x. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to symlink following. The identification of this vulnerability is CVE-2024-52542. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Digital Operation Services WiFiBurada up to 1.0.4. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to improper restriction of excessive authentication attempts. This vulnerability was named CVE-2024-8429. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Digital Operation Services WiFiBurada up to 1.0.4. It has been classified as problematic. This affects an unknown part. The manipulation leads to authentication bypass by assumed-immutable data. This vulnerability is uniquely identified as CVE-2024-8475. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Apache Tomcat up to 9.9.97/10.1.33/11.0.1 and classified as problematic. Affected by this issue is some unknown functionality of the component Examples Web Application. The manipulation leads to resource consumption. This vulnerability is handled as CVE-2024-54677. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Apache Tomcat up to 9.0.97/10.1.33/11.0.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component JSP Compilation. The manipulation leads to time-of-check time-of-use. This vulnerability is known as CVE-2024-50379. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

Как планировщик задач превращает обычный файл в инструмент для взлома.

A recent campaign dubbed FLUX#CONSOLE has come to light, leveraging Microsoft Common Console Document (.MSC) files to infiltrate systems with backdoor malware. The campaign showcases the growing sophistication of phishing techniques and the exploitation of lesser-known Windows features. The FLUX#CONSOLE Campaign The FLUX#CONSOLE campaign has been identified as a multi-stage attack with sinister objectives. By using MSC files, threat actors […]

The post Cyber Criminals Exploit Windows Management Console to Deliver Backdoor Payloads appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A large-scale malvertising campaign distributing the Lumma infostealer malware via intrusive “ads” leading to fake CAPTCHA pages has been tied by researchers to a threat actor abusing the Monetag ad network. The campaign from the users’ perspective Internet users usually land on one of the many thousands SEO-optimized sites using Monetag ad-zone scripts after searching for things like streaming videos, anime, sports, academic documents, etc. The scripts pop open a new tab, which redirects users … More →

The post Malvertising on steroids serves Lumma infostealer appeared first on Help Net Security.

近日，一起大规模的数据泄露事件震动了网络安全界。名为“HikkI-Chan”的黑客在臭名昭著的Breach Forums上泄露了超过3.9亿VK用户的个人信息。

As Windows 10 approach

Best cybersecurity tips for digital nomads in Japan: Keep your data safe, avoid cyber threats, and work securely from anywhere in Japan.

The post Cybersecurity Best Practices for Digital Nomads in Japan appeared first on Security Boulevard.

Что знает Австралия, чего не знает весь остальной мир?

Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen. So, what’s going wrong? The truth is, that attackers are constantly finding new ways to slip through cracks that often go unnoticed—even in well-prepared organizations. The good

Webinar / Risk ManagementEven the best companies with the most advanced tools can still get hacked

As Windows 10 approaches its end-of-life (October 2025), organizations are facing the need to adjust their security infrastructure to be better aligned with Windows 11. A malware sandbox, an isolated environment for analyzing malicious files and URLs, is a key tool for this transition. Here are the benefits of deploying a Windows 11 sandbox and […]

The post How to Set up a Windows 11 Malware Sandbox appeared first on ANY.RUN's Cybersecurity Blog.

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-55956 Cleo Multiple Products Unauthenticated File Upload Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Today, CISA and the Office of the National Cyber Director (ONCD) published Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure to assist grant-making agencies to incorporate cybersecurity into their grant programs and assist grant-recipients to build cyber resilience into their grant-funded infrastructure projects. 

This guide is for federal grant program managers, critical infrastructure owners and operators, and organizations such as state, local, tribal, and territorial governments who subaward grant program funds, and grant program recipients. The guide includes:

• Recommended actions to incorporate cybersecurity into grant programs throughout the grant management lifecycle.
• Model language for grant program managers and sub-awarding organizations to incorporate into Notices of Funding Opportunity (NOFOs) and Terms & Conditions. 
• Templates for recipients to leverage when developing a Cyber Risk Assessment and Project Cybersecurity Plan.
• Comprehensive list of cybersecurity resources available to support grant recipient project execution.

CISA encourages organizations to review and apply recommended actions to secure the nation’s critical infrastructure and enhance resilience.