Akira Ransomware Actively Exploiting SonicWall firewall RCE Vulnerability
https://gbhackers.com/akira-sonicwall-exploits/
https://gbhackers.com/akira-sonicwall-exploits/
GBHackers Security | #1 Globally Trusted Cyber Security News Platform
Akira Ransomware Actively Exploiting SonicWall firewall RCE Vulnerability
SonicWall disclosed a critical remote code execution vulnerability (CVE-2024-40766) in SonicOS on August 22nd, 2024. While no active
Predator spyware operation is back with a new infrastructure
https://securityaffairs.com/168222/intelligence/predator-spyware-new-infrastructure.html
https://securityaffairs.com/168222/intelligence/predator-spyware-new-infrastructure.html
Security Affairs
Predator spyware operation is back with a new infrastructure
A new cluster of activity linked to Predator spyware using a new infrastructure was spotted following sanctions against Intellexa Consortium
Payment gateway data breach affects 1.7 million credit card owners
https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/
https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/
BleepingComputer
Payment gateway data breach affects 1.7 million credit card owners
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals.
Russian, Kazakhstani men living in Miami indicted over cybercrime training service
https://cyberscoop.com/russian-kazakhstani-men-living-in-miami-indicted-over-cybercrime-training-service/
https://cyberscoop.com/russian-kazakhstani-men-living-in-miami-indicted-over-cybercrime-training-service/
CyberScoop
Russian, Kazakhstani men living in Miami indicted over cybercrime training service
The pair stand accused of administering WWH Club, a major Russian-language cybercrime marketplace.
Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature
https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/
https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/
BleepingComputer
Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again.
WhatsApp Flaw Allows Bypassing the ‘View Once’ Media Privacy Feature
https://restoreprivacy.com/whatsapp-flaw-allows-bypassing-the-view-once-media-privacy-feature/
https://restoreprivacy.com/whatsapp-flaw-allows-bypassing-the-view-once-media-privacy-feature/
CyberInsider
WhatsApp Flaw Allows Bypassing the 'View Once' Media Privacy Feature
Researchers have uncovered a privacy flaw in WhatsApp's “View Once” feature, designed to enhance user privacy by allowing media to be viewed once before disappearing. The flaw enables attackers to easily bypass this restriction, rendering the privacy protection…
Highline Public Schools closes schools following cyberattack
https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/
https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/
BleepingComputer
Highline Public Schools closes schools following cyberattack
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack.
Chinese hackers use new data theft malware in govt attacks
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/
BleepingComputer
Chinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks.
Quad7 botnet targets more SOHO and VPN routers, media servers
https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/
https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/
BleepingComputer
Quad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers.
Critical SonicWall SSLVPN bug exploited in ransomware attacks
https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/
https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/
BleepingComputer
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks.
TIDRONE: The Unseen Cyberespionage Threat Targeting Taiwan’s Military and Satellite Industries
https://securityonline.info/tidrone-the-unseen-cyberespionage-threat-targeting-taiwans-military-and-satellite-industries/
https://securityonline.info/tidrone-the-unseen-cyberespionage-threat-targeting-taiwans-military-and-satellite-industries/
Cybersecurity News
TIDRONE: The Unseen Cyberespionage Threat Targeting Taiwan's Military and Satellite Industries
Learn about TIDRONE, a cyber threat targeting the Taiwanese military and satellite industries. Discover their motives, techniques, and the potential dangers for national security.
Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks
https://securityonline.info/chinese-apt-stately-taurus-exploits-visual-studio-code-in-cyberespionage-attacks/
https://securityonline.info/chinese-apt-stately-taurus-exploits-visual-studio-code-in-cyberespionage-attacks/
Cybersecurity News
Chinese APT Stately Taurus Exploits Visual Studio Code in Cyberespionage Attacks
Discover the latest tactic employed by the Chinese APT group Stately Taurus. Learn how they abuse Visual Studio Code to gain unauthorized access to sensitive networks.
SpyAgent Malware Targets Crypto Wallets via Image Scanning
https://securityonline.info/spyagent-malware-targets-crypto-wallets-via-image-scanning/
https://securityonline.info/spyagent-malware-targets-crypto-wallets-via-image-scanning/
Cybersecurity News
SpyAgent Malware Targets Crypto Wallets via Image Scanning
Beware of SpyAgent, a sophisticated Android malware targeting cryptocurrency wallets. Learn how to protect yourself from this insidious threat.
New Loki Backdoor Emerges: A Private Agent for Mythic Framework Unveiled
https://securityonline.info/new-loki-backdoor-emerges-a-private-agent-for-mythic-framework-unveiled/
https://securityonline.info/new-loki-backdoor-emerges-a-private-agent-for-mythic-framework-unveiled/
Cybersecurity News
New Loki Backdoor Emerges: A Private Agent for Mythic Framework Unveiled
Learn about the new threat Loki, a sophisticated backdoor linked to the Mythic framework, posing challenges to cybersecurity defenders.
ToneShell Backdoor Targets IISS Defence Summit Attendees in Latest Espionage Campaign
https://securityonline.info/toneshell-backdoor-targets-iiss-defence-summit-attendees-in-latest-espionage-campaign/
https://securityonline.info/toneshell-backdoor-targets-iiss-defence-summit-attendees-in-latest-espionage-campaign/
Cybersecurity News
ToneShell Backdoor Targets IISS Defence Summit Attendees in Latest Espionage Campaign
Uncover the cyber espionage tactics of the Mustang Panda group and their use of the ToneShell backdoor. Explore their latest operation targeting attendees of a major defense and security summit.
Chinese APT Groups Continue to Leverage Open-Source and Custom Reconnaissance Tools in Cyber Espionage Campaigns
https://securityonline.info/chinese-apt-groups-continue-to-leverage-open-source-and-custom-reconnaissance-tools-in-cyber-espionage-campaigns/
https://securityonline.info/chinese-apt-groups-continue-to-leverage-open-source-and-custom-reconnaissance-tools-in-cyber-espionage-campaigns/
Cybersecurity News
Chinese APT Groups Continue to Leverage Open-Source and Custom Reconnaissance Tools in Cyber Espionage Campaigns
Explore the reconnaissance techniques used by Chinese APT groups like APT41 and APT10. Learn about the open-source and customized tools they rely on for cyber espionage.
FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)
https://securityonline.info/freebsd-issues-urgent-security-advisory-for-cve-2024-43102-cvss-10/
https://securityonline.info/freebsd-issues-urgent-security-advisory-for-cve-2024-43102-cvss-10/
Daily CyberSecurity
FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)
Critical vulnerability (CVE-2024-43102) in FreeBSD: Learn about the flaw that could lead to a complete system compromise and how to mitigate it.
CVE-2024-30051: Windows Elevation of Privilege Flaw Exploited by QakBot Malware, PoC Published
https://securityonline.info/cve-2024-30051-windows-elevation-of-privilege-flaw-exploited-by-qakbot-malware-poc-published/
https://securityonline.info/cve-2024-30051-windows-elevation-of-privilege-flaw-exploited-by-qakbot-malware-poc-published/
Daily CyberSecurity
CVE-2024-30051: Windows Elevation of Privilege Flaw Exploited by QakBot Malware, PoC Published
Discover the details of the CVE-2024-30051 vulnerability in Windows and the PoC exploit. Stay informed about this critical flaw and the potential risks it poses.
CVE-2024-6342: Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
https://securityonline.info/cve-2024-6342-critical-command-injection-flaw-in-zyxel-nas-devices-hotfixes-released-for-end-of-support-products/
https://securityonline.info/cve-2024-6342-critical-command-injection-flaw-in-zyxel-nas-devices-hotfixes-released-for-end-of-support-products/
Cybersecurity News
CVE-2024-6342: Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
Discover the critical command injection vulnerability (CVE-2024-6342) affecting Zyxel NAS326 and NAS542 and how to mitigate it.
CISA Alerts on Active Exploitation of Flaws in ImageMagick, Linux Kernel, and SonicWall
https://securityonline.info/cisa-alerts-on-active-exploitation-of-flaws-in-imagemagick-linux-kernel-and-sonicwall/
https://securityonline.info/cisa-alerts-on-active-exploitation-of-flaws-in-imagemagick-linux-kernel-and-sonicwall/
Cybersecurity News
CISA Alerts on Active Exploitation of Flaws in ImageMagick, Linux Kernel, and SonicWall
Urgent warning from CISA: Actively exploited vulnerabilities in ImageMagick, Linux Kernel, and SonicWall. Learn how to safeguard against potential cyberattacks.
Experts demonstrated how to bypass WhatsApp View Once feature
https://securityaffairs.com/168242/hacking/whatsapp-view-once-privacy-feature.html
https://securityaffairs.com/168242/hacking/whatsapp-view-once-privacy-feature.html
Security Affairs
Experts demonstrated how to bypass WhatsApp View Once feature
Users are exploiting a privacy flaw in WhatsApp to bypass the app's "View once" feature, allowing them to re-view messages.