Cyber Security News

Roundcube, a widely adopted open-source webmail application, is included by default in the popular cPanel web hosting control panel, leading to millions of installations worldwide.  The software is commonly used by universities and government agencies, making the email accounts of public sector employees a valuable target for Advanced Persistent Threat (APT) groups engaged in espionage.  […]

The post Critical XSS Vulnerability In Roundcube Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.

Attackers obtain system configuration files by taking advantage of software or protocols that are installed on devices, such as by abusing the legacy Cisco Smart Install feature. Additionally, CISA notes that weak password types are still being used on Cisco network devices. Password cracking attacks are made possible by the use of weak password types.  […]

The post CISA Warns of Hackers Exploiting Cisco Smart Install Feature appeared first on Cyber Security News.

ADT Inc., a prominent security and automation solutions provider, reported that unauthorized actors accessed specific databases containing customer order information. The company swiftly addressed the breach, which raised concerns about data security and customer privacy. Unauthorized Access and Immediate Response ADT became aware of the breach when unauthorized actors illegally accessed customer order information databases. […]

The post ADT Data Breach: Customers Personal Information Exposed appeared first on Cyber Security News.

At the recent Black Hat USA conference, security researcher Michael Bargury unveiled alarming vulnerabilities within Microsoft Copilot, demonstrating how hackers can potentially exploit this AI-powered tool for malicious purposes. This revelation underscores the urgent need for organizations to reassess their security measures when using AI technologies like Microsoft Copilot. Bargury’s presentation highlighted several methods through […]

The post Researchers Demonstrate How Hackers Can Exploit Microsoft Copilot appeared first on Cyber Security News.

Cisco has announced the integration of its Talos threat intelligence across multiple Splunk security products, marking a significant milestone in the company’s efforts to combine capabilities following its acquisition of Splunk earlier this year. Cisco Talos threat intelligence integration is now available for Splunk Attack Analyzer, with upcoming integrations planned for Splunk Enterprise Security and […]

The post Cisco Integrated Talos Threat Intelligence for All Splunk Users appeared first on Cyber Security News.

A critical vulnerability, identified as CVE-2024-7553, has been discovered in MongoDB. It could potentially allow attackers to take complete control of Windows systems. This vulnerability arises from incorrect validation of files loaded from a local untrusted directory, which can lead to local privilege escalation on Windows operating systems. The flaw affects several versions of MongoDB […]

The post MongoDB Vulnerability Allows Attackers to Gain Complete Control of Windows Systems appeared first on Cyber Security News.

Researchers at Symantec have identified a new Linux ransomware variant linked to a bilingual (English and Spanish) double-extortion ransomware group. This emerging threat poses significant risks to organizations by encrypting and exfiltrating sensitive data, demanding ransom payments for decryption and data protection. Double extortion ransomware is a particularly dangerous type of cyberattack in which attackers […]

The post New Double-Extortion Ransomware Attacking Linux Machines appeared first on Cyber Security News.

A recent research presentation at Black Hat USA 2024 revealed architectural vulnerabilities within the Apache HTTP Server, a widely used web server software. The research highlights several technical debts within Httpd, including three types of Confusion Attacks, nine new vulnerabilities, 20 exploitation techniques, and over 30 case studies. Apache HTTP Server operates through a modular […]

The post Confusion Attacks in Apache HTTP Server Let Attackers Gain Root Access Remotely appeared first on Cyber Security News.

PoC exploit released for critical 0-click remote code execution (RCE) vulnerability affecting Windows Server. This flaw impacts Windows Server versions from 2000 to the latest 2025 preview. This vulnerability, identified as CVE-2024-38077, resides in the Windows Remote Desktop Licensing Service and poses a significant threat due to its ability to be exploited without any user […]

The post PoC Released for 0-click RCE Flaw Impacting Windows Server – MadLicense appeared first on Cyber Security News.

Malware analysis can be challenging, as it often requires in-depth theoretical knowledge and advanced skills. Tools like an interactive sandbox help simplify it, making sophisticated malware behavior easy to expose and understand even for junior security professionals. Here are some of the challenges that interactive malware sandboxes help analysts solve.  What is an Interactive Sandbox […]

The post 5 Malware Analysis Challenges Solved by an Interactive Sandbox appeared first on Cyber Security News.

Researchers from JPCERT uncovered a new technique known as “Smali Gadget Injection,” which is set to revolutionize the dynamic analysis of Android malware. This method offers a more flexible approach compared to existing tools like Frida, which, while useful, provide limited insights due to their general-purpose nature. Traditionally, analyzing Android malware dynamically has posed significant […]

The post Analyse Android Malware Using Innovative Smali Gadget Injection Technique appeared first on Cyber Security News.

Cybersecurity Researchers have unveiled the complicated evolution of the cybercriminal underworld. This transformation, spanning decades, has seen hackers evolve from isolated individuals seeking notoriety to organized syndicates driven by profit. The findings provide crucial insights into the operational dynamics of modern cybercriminal organizations, offering valuable knowledge for cybersecurity professionals striving to protect against these threats. […]

The post Researchers Detailed the Evolution of Cybercriminal Underworld appeared first on Cyber Security News.

In a recent study, researchers from the Université de Montréal and Flare Systems have demonstrated that large language models (LLMs) can accurately extract critical cyber threat intelligence (CTI) from cybercrime forums with an impressive 98% accuracy. The findings, published in a white paper, highlight the immense potential of AI in bolstering cybersecurity efforts. The research […]

The post AI Model Achieve 98% Accuracy in Collecting Threat Intelligence From Dark Web Forums appeared first on Cyber Security News.

A newly identified hacker group, designated as STAC6451, has been actively targeting Microsoft SQL (MSSQL) servers to compromise organizations, primarily in India. This group leverages exposed MSSQL servers to deploy ransomware and other malicious activities, posing a significant threat to various sectors. STAC6451 exploits MSSQL servers exposed to the public internet through the default TCP/IP […]

The post STAC6451 Hackers Attacking Microsoft SQL Servers to Compromise Organizations appeared first on Cyber Security News.

Cybersecurity experts have uncovered a new worm named CMoon targeting users through compromised websites. This sophisticated malware can steal confidential and payment data, download additional malware, and launch Distributed Denial-of-Service (DDoS) attacks. The worm was initially detected in July 2024, and its distribution method and functionality have raised significant concerns among cybersecurity professionals. Detection and […]

The post New Cmoon Worm Attacking Users Via Compromised Websites appeared first on Cyber Security News.

The Tor Project has announced the release of Tor Browser 13.5.2, which includes significant security updates and improvements, mainly focusing on integrating the latest Firefox security patches. Tor Browser anonymizes web traffic using the Tor network, making it easy to protect your identity online. The Tor Browser, updated to version 11.4.31, enhances script-blocking capabilities and […]

The post Tor Browser 13.5.2 Released: What’s New! appeared first on Cyber Security News.

Botnets attack routers to gain control over these devices, turning them into “zombies” that can be used to carry out malicious activities. While they execute all their illicit activities without getting detected, and they do activities like DDoS attacks, spreading malware, facilitating further network intrusions, and many more. In October 2023, Gi7w0rm first referenced the […]

The post Beware Of New Botnet Attacking ASUS Routers & Opens Port 63256 appeared first on Cyber Security News.

A new AMOS Mac stealer variant is circulating, distributed via a fake Loom website hosted on Google Ads, which, potentially linked to the Crazy Evil threat group, redirects users to a fraudulent download page disguised as the legitimate Loom platform.  Once executed, the advanced AMOS stealer exfiltrates sensitive data, including browser information, credentials, and cryptocurrency […]

The post MacOS Stealer Mimic as Screen Recorder Attacking Users via Google Ads appeared first on Cyber Security News.

Audio-visual data offers invaluable insights into human behavior and communication but raises significant privacy concerns, which proposes MaskAnyone, a toolkit for de-identifying individuals in audio-visual data while preserving data utility.  By combining face-swapping, auditory masking, and real-time bulk processing, MaskAnyone addresses the ethical and legal challenges associated with human subject data. The toolkit is designed […]

The post Researches Introduced MaskAnyone Toolkit To Minimize The Privacy Risks appeared first on Cyber Security News.

The threat actors often exploit fake websites to trick users into revealing their personal data. Not only that, but these fake websites are also used to distribute malware, steal identities, and facilitate phishing attacks. Cybersecurity researchers at SonicWall discovered a deceptive WinRar lookalike website that employs typosquatting to distribute malware.  This initial infection triggers the […]

The post Beware Of Fake WinRar Websites Delivering Ransomware via GitHub appeared first on Cyber Security News.