Aggregator

BlindEagle (APT-C-36) is a Latin American Advanced Persistent Threat group that has been active since 2018. It targets the governmental, financial, and energy sectors in Colombia, Ecuador, Chile, Panama, and other regional countries.  BlindEagle is known for employing straightforward yet impactful techniques; the group demonstrates versatility in switching between financially motivated attacks and espionage operations. […]

The post New APT Group BlindEagle Attacking Multiple Organizations Via Weaponized Emails appeared first on Cyber Security News.

Cisco нашла 8 причин для беспокойства пользователей macOS.

A severe security flaw has been discovered in GiveWP, a popular WordPress donation plugin with over 100,000 active installations. The vulnerability, classified as an unauthenticated PHP Object Injection leading to Remote Code Execution (RCE), was responsibly reported through the Wordfence Bug Bounty Program on May 26th, 2024. The critical vulnerability, assigned CVE-2024-5932 with a CVSS […]

The post Critical WordPress Plugin RCE Vulnerability Impacts 100k+ Sites appeared first on Cyber Security News.

Action1 Opts For Independence, Believes It Can Become Multi-Billion Dollar Business
Action1 has rebuffed CrowdStrike's interest in acquiring the patch management and vulnerability remediation startup for $1 billion and opted to remain independent. Action 1 has decided to turn down acquisition inquiries since the company believes it can grow into a multi-billion dollar business.

In this post, we talk with Dr. Xiaowei Huang and Dr. Yi Dong (University of Liverpool), Dr. Mat Weldon ( United Kingdom (UK) Office of National Statistics (ONS)), and Dr. Michael Fenton (Trūata) who were winners in the UK-US Privacy-Enhancing Technologies ( PETs) Prize Challenges. We discuss implementation challenges of privacy-preserving federated learning (PPFL) - specifically, the areas of threat modeling and real world deployments. Threat Modeling In research on privacy-preserving federated learning (PPFL), the protections of a PPFL system are usually encoded in a threat model that defines

The U.S. government is warning of increased effort from Iran to influence upcoming elections through cyber operations targeting Presidential campaigns and the American public. [...]

Исследователи Check Point проследили путь от Agent Tesla до хакера Sty1x.

Feds confirmed Iran's involvement in the email attack against Roger Stone after Microsoft, Google reported Iranian APT action against both presidential campaigns.

A vulnerability classified as critical has been found in Samba. Affected is an unknown function of the component LDAP Handler. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2020-25720. It is possible to launch the attack remotely. There is no exploit available.

Хакеры маскируют вредонос под легитимные приложения для незаметной компрометации.

回复口令[跳跳]：“舞文弄墨”，获取今日最新情报！ tips强烈推荐[OK]：https://tix.qq.com - 高阶版免费体验：查询额度权益 - 每日最新封禁IOC获取 - 专家IP鉴定分析权限

A vulnerability was found in Checkmk mk_informix Agent Plugin up to 2.0.0p39/2.1.0p46/2.2.0p31/2.3.0p11. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to least privilege violation. The identification of this vulnerability is CVE-2024-28829. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Atlassian Bamboo Data Center and Bamboo Server. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to Privilege Escalation. This vulnerability was named CVE-2024-21689. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

每日更新当天鲜活情报和热点漏洞

让我们跟随神风静默师傅的脚步，深入学习和利用Docker Remote API接口的利用，该缺陷利用容易、危害巨大，要注重云上安全啦~

让我们跟随神风静默师傅的脚步，深入学习和利用Docker Remote API接口的利用，该缺陷利用容易、危害巨大，要注重云上安全啦~

Ukraine detected cyber-attacks using malicious emails containing photos of alleged prisoners of war from the Kursk direction

This post first appeared on blog.netwrix.com and was written by Martin Cannard.
“Never trust; always verify.” That’s the philosophy that drives the Zero Trust model, and it represents a major shift from the previous motto: “Trust but verify.” As threat actors have become more sophisticated, organizations have shifted their security frameworks away from a network-centric model and toward an identity-first model. Zero Trust assumes that every attempt … Continued