Cyber Security News

The research identifies a critical security vulnerability in GitHub Actions artifacts, enabling unauthorized access to tokens and secrets within CI/CD pipelines.  Misconfigured workflows in major organizations’ public repositories exposed sensitive information, potentially compromising cloud environments and allowing attackers to inject malicious code into production systems.  By exploiting leaked GitHub tokens, adversaries could manipulate repositories and […]

The post GitHub Vulnerability “ArtiPACKED” Trigger RCE Exploit to Hack Repositories appeared first on Cyber Security News.

In collaboration with Access Now and other civil society organizations, Citizen Lab exposed a sophisticated attack dubbed as “Rivers of Phishing,” a new phishing campaign that attacks Russia’s enemies globally. The fact-finding efforts revealed that their coordinated spear-phishing targeted particular individuals across multiple countries and sectors of civil society. The threat actor adopted advanced digital […]

The post Rivers Of Phish – New Phishing Campaign Attacks Russia Enemies Globally appeared first on Cyber Security News.

The Iranian government-backed cyber group APT42 has launched a phishing campaign aimed at disrupting the U.S. presidential election. According to Google’s Threat Analysis Group (TAG), this sophisticated threat actor, associated with Iran’s Islamic Revolutionary Guard Corps (IRGC), has been targeting high-profile individuals linked to both the Biden and Trump campaigns. The campaign is part of […]

The post Iranian APT42 Group Launches a Massive Phishing Campaign to Attack U.S. Presidential Election appeared first on Cyber Security News.

Palo Alto Networks has issued a high-severity security update for the Prisma Access Browser, addressing multiple vulnerabilities discovered in the underlying Chromium engine. This update, identified as PAN-SA-2024-0007, supersedes the Talon Browser and incorporates critical security fixes from recent Chromium updates. The vulnerabilities primarily involve “use after free” issues, type confusion, and insufficient data validation […]

The post Vulnerability in Palo Alto Networks Prisma Access Browser Let Attackers Trigger RCE appeared first on Cyber Security News.

IBM has issued a security bulletin highlighting multiple vulnerabilities in its QRadar Suite Software. These vulnerabilities, affecting various components, have been addressed in the latest software release. IBM QRadar Suite Software is a powerful cybersecurity platform that integrates SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), network traffic analysis, and vulnerability management into a single, […]

The post Critical Vulnerabilities in IBM QRadar Lets Attackers Trigger Arbitrary Code Remotely appeared first on Cyber Security News.

In the rapidly evolving world of cybersecurity, emerging threats pose significant challenges to organizations worldwide. These threats, characterized by their novelty and complexity, often exploit new vulnerabilities and technologies, making them difficult to predict and defend against. As cybercriminals continually refine their methods, businesses must stay informed and proactive to protect their assets. One powerful […]

The post How to Investigate Emerging Cyber Threats in 2024 – SOC/DFIR Team Guide appeared first on Cyber Security News.

A critical security vulnerability identified as CVE-2024-5830 has been discovered in Chrome’s V8 JavaScript engine. The flaw, initially reported in May 2024 as bug 342456991. The vulnerability is a type confusion bug that allows an attacker to execute arbitrary code within the Chrome renderer sandbox by simply getting a victim to visit a malicious website.  […]

The post One Click on a Malicious Site Could Exploit Chrome V8 Engine RCE Vulnerability appeared first on Cyber Security News.

Kootenai Health, a prominent healthcare provider located at 2003 Kootenai Health Way, Coeur d’Alene, Idaho, has been the victim of a significant ransomware attack. The attack exposed sensitive information belonging to 464,088 patients. The breach, which occurred on February 22, 2024, was discovered on August 1, 2024, by the Office of the Maine Attorney General, […]

The post Kootenai Health Ransomware Attack: 464,000 patients Data Exposed appeared first on Cyber Security News.

Gigabud, an Android banking trojan impersonating government entities, initially targeted Thailand, the Philippines, and Peru. Its source code significantly overlaps with Golddigger, another Android banking trojan targeting Vietnam.  It indicates a shared threat actor who has expanded Gigabud’s scope to include Bangladesh, Indonesia, Mexico, South Africa, and Ethiopia, demonstrating increased sophistication and geographic targeting.  Researchers […]

The post Golddigger And Gigabud Android Malware Attacking Airlines Customers appeared first on Cyber Security News.

A phishing email containing only a PNG image was sent from a compromised AWS account using the spoofed sender address [email protected]. Clicking the image redirected victims to a malicious Squarespace domain, giraffe-viola-p262.squarespace[.]com, which subsequently led to a PDF viewer.  The sender domain is recognized as a known malware distributor, according to open-source threat intelligence, which […]

The post New Phishing Campaign Attacking AWS Accounts To Steal Logins appeared first on Cyber Security News.

Fortinet, a leader in cybersecurity solutions, has released patches addressing several vulnerabilities affecting its FortiOS, FortiProxy, FortiPAM, FortiSwitchManager, FortiManager, and FortiAnalyzer products. If exploited, these vulnerabilities could potentially allow unauthorized access and privilege escalation, posing a significant threat to affected systems. Vulnerability Details CVE-2022-45862 The graphical user interface (GUI) of FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager […]

The post Fortinet Patches Multiple Vulnerabilities Impacting FortiOS & Other Products appeared first on Cyber Security News.

Security researchers discovered a vulnerability in GitHub’s Actions feature. GitHub Actions artifacts are generated as part of organizations’ CI/CD workflows, and a combination of misconfigurations and security flaws can lead to artifact leakage of tokens. Dubbed “ArtiPACKED,” this exploit leverages a race condition in GitHub’s artifact system, allowing attackers to compromise repositories and inject malicious […]

The post ArtiPACKED: Hacking GitHub Repositories Through a Race Condition Vulnerability appeared first on Cyber Security News.

Adobe has released patches for 72 security vulnerabilities across its popular software products. This effort, spearheaded by Adobe’s Product Security Incident Response Team (PSIRT), underscores its commitment to safeguarding its users against potential cyber threats. Comprehensive Security Measures Adobe’s PSIRT is crucial to the company’s vulnerability disclosure program. It provides a single point of contact […]

The post Adobe Patches 72 Security Vulnerabilities Across Multiple Products appeared first on Cyber Security News.

Tenable Research has uncovered significant security vulnerabilities in Microsoft’s Azure Health Bot Service, a cloud platform designed to enable healthcare professionals to deploy AI-powered virtual health assistants. The Azure AI Health Bot Service is a cloud-based platform designed for healthcare organizations. It enables developers to create and deploy AI-driven virtual health assistants, which help streamline […]

The post Critical SSRF Vulnerability in Microsoft Azure Let Hackers Compromise Health Bot Services appeared first on Cyber Security News.

SAP has released its August 2024 security patch update, addressing 17 new vulnerabilities, including two critical flaws that could allow attackers to bypass authentication and fully compromise affected systems. The most severe vulnerability, CVE-2024-41730, affects SAP BusinessObjects Business Intelligence Platform versions 430 and 440. With a CVSS score of 9.8, this “missing authentication check” flaw […]

The post Critical SAP Flaw Let Hackers to Bypass Authentication & Compromise Systems appeared first on Cyber Security News.

SSLoad is a complex malware loader that mainly intrudes into desired systems via phishing emails. Once inside, it performs reconnaissance, and then transfers the collected intelligence to its handlers. SSLoad later uses any available means to get past detection as it installs different forms of harmful code into the system. This program is also designed […]

The post New SSLoad Loader Malware Attacking Users to Infiltrate Login Details appeared first on Cyber Security News.

Cryptocurrency scams have changed along with digital currencies and they now employ technological advancements like AI and deepfakes in their sophisticated frauds. The CryptoCore group is an example of these methods where celebrity images are used, major events are exploited, and hijacked social media accounts are taken across platforms such as YouTube, Twitter, and TikTok. […]

The post CryptoCore, Sophisticated Cryptocurrency Scam Attacking Users To Drain Wallets appeared first on Cyber Security News.

A sophisticated phishing campaign has emerged, impersonating the Google Safety Centre to deceive users. This campaign is tricking unsuspecting individuals into downloading a malicious file, posing as the widely used Google Authenticator app. This attack has significant implications, as it threatens personal data and highlights cybercriminals’ evolving tactics. Malicious Software Disguised as Google Authenticator According […]

The post Beware of New Phishing Campaign that Impersonates Google Safety Centre appeared first on Cyber Security News.

Ivanti Virtual Traffic Manager has been discovered with a critical vulnerability which was associated with authentication bypass. This vulnerability has been assigned with CVE-2024-7593 and the severity was given as 9.8 (Critical). However, Ivanti has patched this vulnerability and released a security advisory to address it. Ivanti confirmed that there is no evidence of active […]

The post Ivanti Virtual Traffic Manager Flaw Let Hackers Create Rogue Admin Accounts appeared first on Cyber Security News.

Microsoft has released an urgent security update to address a critical remote code execution vulnerability in the Windows TCP/IP stack. The flaw tracked as CVE-2024-38063, affects all supported Windows and Windows Server versions, including Server Core installations. CVE-2024-38063 is a remote code execution vulnerability in Windows TCP/IP with a maximum severity rating of Critical and […]

The post Critical 0-Click RCE in Windows TCP/IP Stack Impacts All Systems appeared first on Cyber Security News.