Non classé

Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.
A brief description of the two vulnerabilities is below –

CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account

Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.
A brief description of the two vulnerabilities is below –

CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview.
The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for

North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview.
The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for

Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component.
According to the description of the bug in the NIST National

Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score: 7.8), relates to a case of privilege escalation in the Android Framework component.
According to the description of the bug in the NIST National

A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations.
It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result in « hundreds of thousands » of malicious package

A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations.
It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result in « hundreds of thousands » of malicious package

Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, « Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them » argues that the

Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, « Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them » argues that the

The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an « illegal database with billions of photos of faces, » including those of Dutch citizens.
« Facial recognition is a highly intrusive technology that you

The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an « illegal database with billions of photos of faces, » including those of Dutch citizens.
« Facial recognition is a highly intrusive technology that you

A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.

The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers

A new malware campaign is spoofing Palo Alto Networks’ GlobalProtect VPN software to deliver a variant of the WikiLoader (aka WailingCrab) loader by means of a search engine optimization (SEO) campaign.

The malvertising activity, observed in June 2024, is a departure from previously observed tactics wherein the malware has been propagated via traditional phishing emails, Unit 42 researchers

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus.
« Head Mare uses more up-to-date methods for obtaining initial access, » Kaspersky said in a Monday analysis of the group’s tactics and tools.
« For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which

A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus.
« Head Mare uses more up-to-date methods for obtaining initial access, » Kaspersky said in a Monday analysis of the group’s tactics and tools.
« For instance, the attackers took advantage of the relatively recent CVE-2023-38831 vulnerability in WinRAR, which

Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation.
« It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector, » cybersecurity

Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation.
« It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector, » cybersecurity

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante.

« This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks, » Dutch security company ThreatFabric said.

« Finally, it can use all this exfiltrated

Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante.

« This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks, » Dutch security company ThreatFabric said.

« Finally, it can use all this exfiltrated