Cisco has issued a security advisory regarding a critical remote code execution (RCE) vulnerability, dubbed “regreSSHion,” that affects multiple products. The vulnerability tracked as CVE-2024-6387, was disclosed by the Qualys Threat Research Unit on July 1, 2024. It impacts the OpenSSH server (sshd) in glibc-based Linux systems and has the potential to allow unauthenticated attackers…
Hackers add more devices to the network of slave digital devices, which would do what hackers want them to do. These networks, called botnets, launch large-scale cyberattacks, including the dreaded Distributed Denial of Services (DDoS). Now Dark web peers are selling botnets at throw-away prices ranging from $99 on the Dark Web, according to cybersecurity…
Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…
Cybersecurity researchers uncovered a sophisticated attack campaign by the Water Sigbin (aka 8220 Gang) threat actor that exploited vulnerabilities in the Oracle WebLogic Server, notably CVE-2017-3506 and CVE-2023-21839, to deploy the XMRig cryptocurrency miner on compromised systems. The attack begins with the threat actor exploiting the WebLogic vulnerabilities to execute a malicious PowerShell script on the victim…
Companies in the market for cybersecurity professionals could face a new method of attack, made harder to spot because of artificial intelligence: Hackers posing as job applicants. As cyber threats targeting U.S. companies multiply, some security leaders have increased scrutiny during hiring to weed out bad actors—or simply applicants with over-embellished resumes. Globally, the cyber…
Santa Barbara Systems, a General Dynamics (GD.N) subsidiary in Spain that is refurbishing Leopard tanks for delivery to Ukraine, suffered a cyberattack on its website, a pro-Russia hacker group said. A spokesperson for General Dynamics confirmed that the defence contractor’s Spanish unit had been targeted in an attempted cyberattack “that was detected immediately and has not…
Hackers Backdoored Courtroom Video Recording Software With System Hijacking Malware Courtroom software hijacked discovered by researchers of Rapid7 A vulnerability (CVE-2024-4978) has been identified in JAVS Viewer v8.3.7, a critical component for managing digital recordings in legal and government environments. The installer for this version is backdoored, allowing attackers to remotely seize control of infected…
During the Hajj season, there is an increased risk of online scams targeting individuals who are planning to make the pilgrimage to Mecca. Fraudsters employ various tactics to deceive and defraud unsuspecting pilgrims. According to the Association of British Travel Agents (ABTA), every year, around 25,000 pilgrims from the UK travel to Saudi Arabia…
MediSecure, an electronic prescriptions provider, suffered a data breach that compromised people’s health data. The Australian Federal Police have investigated and reported the breach to Australia’s National Cyber Security Coordinator. In 2023, MediSecure was not selected in a government tender process, but despite this, MediSecure secured over 28 million scripts. Lt Gen Michelle McGuinness, the…
Google Chrome users should check if their browser is updated, as versions prior to 124.0.6367.207 allow malicious actors to exploit critical flaws. Following an emergency security patch, Google has released Chrome version 125, which fixes two additional high-risk flaws. The Chrome team released stable version 125, which brings nine security fixes and other improvements. Users…
