Cyber Security News

Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group. This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data, demanding ransom payments for decryption and data protection. Double extortion ransomware is a particularly dangerous type of cyberattack in which attackers […]

The post New Double-Extortion Ransomware Attacking Linux Machines appeared first on Cyber Security News.

A recent research presentation at Black Hat USA 2024 revealed architectural vulnerabilities within the Apache HTTP Server, a widely used web server software. The research highlights several technical debts within Httpd, including three types of Confusion Attacks, nine new vulnerabilities, 20 exploitation techniques, and over 30 case studies. Apache HTTP Server operates through a modular […]

The post Confusion Attacks in Apache HTTP Server Let Attackers Gain Root Access Remotely appeared first on Cyber Security News.

PoC exploit released for critical 0-click remote code execution (RCE) vulnerability affecting Windows Server. This flaw impacts Windows Server versions from 2000 to the latest 2025 preview. This vulnerability, identified as CVE-2024-38077, resides in the Windows Remote Desktop Licensing Service and poses a significant threat due to its ability to be exploited without any user […]

The post PoC Released for 0-click RCE Flaw Impacting Windows Server – MadLicense appeared first on Cyber Security News.

Malware analysis can be challenging, as it often requires in-depth theoretical knowledge and advanced skills. Tools like an interactive sandbox help simplify it, making sophisticated malware behavior easy to expose and understand even for junior security professionals. Here are some of the challenges that interactive malware sandboxes help analysts solve.  What is an Interactive Sandbox […]

The post 5 Malware Analysis Challenges Solved by an Interactive Sandbox appeared first on Cyber Security News.

Researchers from JPCERT uncovered a new technique known as “Smali Gadget Injection,” which is set to revolutionize the dynamic analysis of Android malware. This method offers a more flexible approach compared to existing tools like Frida, which, while useful, provide limited insights due to their general-purpose nature. Traditionally, analyzing Android malware dynamically has posed significant […]

The post Analyse Android Malware Using Innovative Smali Gadget Injection Technique appeared first on Cyber Security News.

Cybersecurity Researchers have unveiled the complicated evolution of the cybercriminal underworld. This transformation, spanning decades, has seen hackers evolve from isolated individuals seeking notoriety to organized syndicates driven by profit. The findings provide crucial insights into the operational dynamics of modern cybercriminal organizations, offering valuable knowledge for cybersecurity professionals striving to protect against these threats. […]

The post Researchers Detailed the Evolution of Cybercriminal Underworld appeared first on Cyber Security News.

In a recent study, researchers from the Université de Montréal and Flare Systems have demonstrated that large language models (LLMs) can accurately extract critical cyber threat intelligence (CTI) from cybercrime forums with an impressive 98% accuracy. The findings, published in a white paper, highlight the immense potential of AI in bolstering cybersecurity efforts. The research […]

The post AI Model Achieve 98% Accuracy in Collecting Threat Intelligence From Dark Web Forums appeared first on Cyber Security News.

A newly identified hacker group, designated as STAC6451, has been actively targeting Microsoft SQL (MSSQL) servers to compromise organizations, primarily in India. This group leverages exposed MSSQL servers to deploy ransomware and other malicious activities, posing a significant threat to various sectors. STAC6451 exploits MSSQL servers exposed to the public internet through the default TCP/IP […]

The post STAC6451 Hackers Attacking Microsoft SQL Servers to Compromise Organizations appeared first on Cyber Security News.

Cybersecurity experts have uncovered a new worm named CMoon targeting users through compromised websites. This sophisticated malware can steal confidential and payment data, download additional malware, and launch Distributed Denial-of-Service (DDoS) attacks. The worm was initially detected in July 2024, and its distribution method and functionality have raised significant concerns among cybersecurity professionals. Detection and […]

The post New Cmoon Worm Attacking Users Via Compromised Websites appeared first on Cyber Security News.

The Tor Project has announced the release of Tor Browser 13.5.2, which includes significant security updates and improvements, mainly focusing on integrating the latest Firefox security patches. Tor Browser anonymizes web traffic using the Tor network, making it easy to protect your identity online. The Tor Browser, updated to version 11.4.31, enhances script-blocking capabilities and […]

The post Tor Browser 13.5.2 Released: What’s New! appeared first on Cyber Security News.

Botnets attack routers to gain control over these devices, turning them into “zombies” that can be used to carry out malicious activities. While they execute all their illicit activities without getting detected, and they do activities like DDoS attacks, spreading malware, facilitating further network intrusions, and many more. In October 2023, Gi7w0rm first referenced the […]

The post Beware Of New Botnet Attacking ASUS Routers & Opens Port 63256 appeared first on Cyber Security News.

A new AMOS Mac stealer variant is circulating, distributed via a fake Loom website hosted on Google Ads, which, potentially linked to the Crazy Evil threat group, redirects users to a fraudulent download page disguised as the legitimate Loom platform.  Once executed, the advanced AMOS stealer exfiltrates sensitive data, including browser information, credentials, and cryptocurrency […]

The post MacOS Stealer Mimic as Screen Recorder Attacking Users via Google Ads appeared first on Cyber Security News.

Audio-visual data offers invaluable insights into human behavior and communication but raises significant privacy concerns, which proposes MaskAnyone, a toolkit for de-identifying individuals in audio-visual data while preserving data utility.  By combining face-swapping, auditory masking, and real-time bulk processing, MaskAnyone addresses the ethical and legal challenges associated with human subject data. The toolkit is designed […]

The post Researches Introduced MaskAnyone Toolkit To Minimize The Privacy Risks appeared first on Cyber Security News.

The threat actors often exploit fake websites to trick users into revealing their personal data. Not only that, but these fake websites are also used to distribute malware, steal identities, and facilitate phishing attacks. Cybersecurity researchers at SonicWall discovered a deceptive WinRar lookalike website that employs typosquatting to distribute malware.  This initial infection triggers the […]

The post Beware Of Fake WinRar Websites Delivering Ransomware via GitHub appeared first on Cyber Security News.

A critical vulnerability in Cisco’s Smart Software Manager On-Prem (SSM On-Prem) has surfaced, allowing unauthenticated, remote attackers to change user passwords, including those of administrative users. This flaw, rooted in improperly implementing the password-change process, has raised significant security concerns among Cisco users and IT professionals worldwide. CVE-2024-20419 – Vulnerability Details The vulnerability enables attackers […]

The post Cisco Software Manager Password Change Vulnerability Let Hackers Change password appeared first on Cyber Security News.

The United States has intensified its efforts to combat cyber threats by offering a substantial reward for information leading to identifying or locating individuals involved in malicious cyber activities against U.S. critical infrastructure. The move comes as part of a broader strategy to counter cyber threats from foreign entities. Reward for Justice Program According to […]

The post US to offer $10 million for Information on Iranian CyberAv3ngers Hackers appeared first on Cyber Security News.

Three potential vulnerabilities in Secure Encrypted Virtualization – Secure Nested Paging (SEV-SNP) could allow an attacker to read or corrupt the memory of a guest VM. To establish an isolated execution environment, (SEV-SNP) adds robust memory integrity protection to prevent malicious hypervisor-based attacks, including data replay, memory remapping, and more. AMD fixes multiple memory flaws […]

The post AMD Patches Multiple Memory Vulnerabilities That Leads Corrupt The Guest VM appeared first on Cyber Security News.

Security researchers have uncovered vulnerabilities in Microsoft’s Entra ID (formerly Azure Active Directory) dubbed “UnOAuthorized,” which could allow unauthorized actions beyond expected controls. The findings, centered on the OAuth 2.0 scope permissions, could have enabled attackers to elevate privileges and persist within Microsoft environments. The most alarming discovery involved the ability to add and remove […]

The post Microsoft Entra ID (Azure AD) Vulnerability Let Attackers Gain Global Admin Access appeared first on Cyber Security News.

Akamai Technologies effectively countered one of the most extensive and advanced distributed denial-of-service (DDoS) attacks it has faced to date. The attack, targeting a major financial services company in Israel, lasted for nearly 24 hours and resulted in Akamai blocking approximately 419 terabytes of malicious traffic. The DDoS campaign began at 8:05 UTC on July […]

The post Massive DDoS Attack: Record-breaking 419 TB of Malicious Traffic Within 24 Hours appeared first on Cyber Security News.

Researchers at Oligo Security have discovered an 18-year-old critical vulnerability, dubbed “0.0.0.0 Day,” that affects all major web browsers, including Chromium, Firefox, and Safari. This vulnerability allows malicious websites to bypass browser security and interact with services running on an organization’s local network, potentially leading to unauthorized access and remote code execution on local services […]

The post 0.0.0.0 Day – 18 Yr Old Vulnerability Let Attackers Bypass All Browser Security appeared first on Cyber Security News.