Recent Security News
-
Canada’s anti-money laundering agency offline after cyberattack
March 6, 2024 at 12:35PM FINTRAC, a Canadian financial intelligence agency, experienced a cyber incident, leading to the precautionary shutdown of corporate systems. The agency confirmed that its sensitive information and operational capabilities are secure. It is collaborating with federal partners to restore operations and prevent future incidents. This incident follows other high-profile cybersecurity challenges…
-
Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining
March 6, 2024 at 12:15PM Threat actors are utilizing misconfigured and vulnerable servers to conduct Remote Code Execution (RCE) attacks and deploy cryptocurrency miners. Cloud security company Cado has named this activity “Spinning YARN,” with attackers using Golang payloads to exploit Confluence, Docker, Hadoop YARN, and Redis services. The attacks also exploit known vulnerabilities and…
-
Apple’s trademark tight lips extend to new iPhone, iPad zero-days
March 6, 2024 at 12:06PM Apple’s latest security patches fix four vulnerabilities in iOS and iPadOS, including two exploited zero-days. The vulnerabilities, registered as CVE-2024-23225 and CVE-2024-23296, allow attackers to bypass kernel memory protections but were patched with improved validation. The updates also addressed other minor vulnerabilities and introduced new features, including options for browser…
-
Linux Malware Campaign Targets Misconfigured Cloud Servers
March 6, 2024 at 11:27AM Cado Security warns of a cryptojacking campaign targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances with unique Golang payloads. Attackers use reverse shells, rootkits, and various scripts to exploit vulnerabilities. The extensive attack demonstrates the variety of techniques used to exploit cloud and Linux services, as well as keeping…
-
Fresh $100 Million Claroty Funding Brings Total to $735 MillionĀ
March 6, 2024 at 11:27AM Claroty, a cyber-physical systems security company, has raised $100 million in strategic growth funding, making its total investment $735 million. Participants in the latest funding round include Delta-v Capital, AB Private Credit Investors, Standard Investments, Toshiba Digital Solutions, Rockwell Automation, and Silicon Valley Bank. Claroty plans to use the funding…