Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks

October 3, 2024 at 01:20PM Adobe Commerce and Magento online stores are under threat from CosmicSting attacks, leading to approximately 5% of stores being hacked. Vulnerability CVE-2024-32102 enables remote code execution and impacts various Adobe Commerce and Magento versions. Sansec reported 4,275 breached stores, with upcoming attacks projected due to slow patching response. Multiple threat …

Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch

October 3, 2024 at 02:33AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-29824, allows for remote code execution and is actively targeted by threat actors. Federal agencies are …

Top 5 Myths of AI & Cybersecurity

October 2, 2024 at 10:10AM The global rise of sophisticated cybercrimes presents daily challenges for the cybersecurity industry, driving the integration of AI into security measures. However, the belief in AI as the sole solution for cybersecurity is debunked through various myths, emphasizing the importance of a balanced approach that combines AI with traditional security …

Cyberattackers Use HR Targets to Lay More_Eggs Backdoor

October 1, 2024 at 01:24PM A threat group targeting multinational financial organizations impersonates job seekers to execute a spear-phishing campaign spreading the “more_eggs” backdoor. Trend Micro researchers linked this campaign to FIN6 and cautioned that the malware’s MaaS nature blurs threat actor lines. Vigilance and robust security measures are needed to combat this evolving threat. …

AI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image Recognition

October 1, 2024 at 12:51PM The Rhadamanthys information stealer has incorporated AI for optical character recognition, enabling it to extract cryptocurrency wallet seed phrases from images and sell the sensitive information for $250 per month. Despite facing bans, the malicious software continues to evolve, releasing a new version in June 2024 with enhanced features to …

Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now

September 27, 2024 at 12:42PM Progress Software has addressed six security flaws in WhatsUp Gold, including two critical vulnerabilities, through updates in version 24.0.1. The CVE identifiers for the flaws and their respective CVSS scores have been listed. Security researcher Sina Kheirkhah and others have been credited with discovering and reporting the flaws. Users are …

Five Eyes Agencies Release Guidance on Detecting Active Directory Intrusions

September 27, 2024 at 10:21AM Government agencies from the Five Eyes countries have provided guidance on threat actor techniques targeting Microsoft Active Directory. These techniques exploit the directory’s vulnerabilities, making it a prime target for bad actors. The guidance recommends prioritizing privileged access security and implementing a tiered model. It also outlines common compromise techniques …

GenAI Writes Malicious Code to Spread AsyncRAT

September 26, 2024 at 08:25AM Threat actors have leveraged generative artificial intelligence (GenAI) to create and spread malicious code, using it to write VBScript and JavaScript for the distribution of the AsyncRAT. The attackers’ use of GenAI was identified by researchers from HP Wolf Security, signifying a concerning advancement in attackers’ methods. This technological development …

US Transportation and Logistics Firms Targeted With Infostealers, Backdoors

September 26, 2024 at 07:55AM Threat actors are targeting transportation and shipping organizations in North America, compromising email accounts to deliver various malware families like Arechclient2, DanaBot, Lumma Stealer, NetSupport, and StealC. The attacks involve injecting malicious content into compromised inboxes and using Google Drive links or URL files to deliver malware. Proofpoint advises caution …

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

September 26, 2024 at 12:57AM Nation-state threat actors backed by Beijing penetrated several U.S. internet service providers as part of a cyber espionage campaign, aimed at accessing sensitive information and gaining persistent access to target networks. The attacks, attributed to a group known as GhostEmperor, targeted Southeast Asian entities and an unnamed client compromised in …