September 17, 2024 at 12:46PM CISA and the FBI advised technology manufacturers to review software for cross-site scripting vulnerabilities before shipping and implement secure-by-design practices to eliminate such flaws entirely. They recommended input validation, output encoding functions, code reviews, and adversarial testing to prevent XSS vulnerabilities in future software releases. This warning is part of … Read more
September 16, 2024 at 09:45AM Hackers are falsely claiming to have compromised US election infrastructure, but the FBI and CISA refute these assertions, stating that no evidence of cyberattacks preventing elections, altering voter information, tampering with ballots, or disrupting vote counts exists. They caution the public to critically assess claims of leaked voter data, as … Read more
September 16, 2024 at 09:27AM Cybersecurity researchers warn about North Korean threat actors targeting LinkedIn users with RustDoor malware, posing as cryptocurrency recruiters. The attackers aim at infiltrating financial and cryptocurrency networks through social engineering campaigns, prompting victims to download malicious coding challenges. The RustDoor backdoor persists in macOS and Windows machines, highlighting evolving tactics … Read more
September 16, 2024 at 05:27AM Exploitation of the Ivanti Cloud Service Appliance (CSA) vulnerability CVE-2024-8190 began shortly after the vendor released patches. The high-severity flaw enables unauthorized access and remote code execution, affecting certain versions of the CSA. Ivanti has addressed the issue in Patch 519 and CSA 5.0, but noted limited customer exploitation. CISA … Read more
September 12, 2024 at 09:36AM Bad actors target Internet-exposed Selenium Grid instances for illicit cryptocurrency mining and proxyjacking. The lack of authentication makes these instances vulnerable. Threat actors exploit this to carry out malicious actions, including deploying crypto miners and proxyware solutions EarnFM and IPRoyal Pawn. Organizations are urged to configure authentication to prevent abuse. … Read more
September 12, 2024 at 06:09AM Threat actors are targeting Internet-exposed Selenium Grid servers for cryptomining, proxyjacking, and potentially more malicious activities. With thousands of exposed servers, hackers have been deploying automated malware to hijack them. Furthermore, the lack of authentication and outdated versions of Selenium Grid servers pose a significant security risk. Improperly secured servers … Read more
September 11, 2024 at 06:27AM Cybersecurity researchers have discovered new malicious Python packages targeting software developers, using fake job interviews as lures. Linked to North Korea-backed Lazarus Group, the ongoing campaign dubbed VMConnect employs modified legit PyPI libraries to embed malicious code. Attackers impersonate legitimate companies and use LinkedIn to contact and infect unsuspecting developers. … Read more
September 10, 2024 at 12:34PM CosmicBeetle debuts new ransomware, ScRansom, targeting SMBs globally, possibly as an affiliate for RansomHub. The attack spans various sectors and uses brute-force attacks and known security flaws for infiltration. Cicada3301 ransomware is observed with modifications, while a kernel-mode signed Windows driver, POORTRY, used by multiple ransomware gangs as an EDR … Read more
September 9, 2024 at 05:00PM Akira ransomware affiliates are exploiting a critical remote code execution vulnerability (CVE-2024-40766) in SonicWall’s Gen 5, Gen 6, and some Gen 7 firewall products. The US CISA has added it to their list of known exploited vulnerabilities. SonicWall advises customers to update affected appliances and take measures to limit firewall … Read more
September 6, 2024 at 09:18AM SonicWall warns customers of a potential exploit in a recently patched SonicOS vulnerability (CVE-2024-40766). The vulnerability impacts Gen 5, Gen 6, and Gen 7 firewalls, allowing unauthorized access and possible crashes. They advise immediate patching and password updates to mitigate risks. There are no reports of exploitation yet. Based on … Read more