Sunday, December 8, 2024

Cyware-cybersecurity news

"Latest cybersecurity news and articles."

Views expressed in this cybersecurity news update are those of the reporters and correspondents.  Accessed on 09 December 2024, 0036 UTC.

Content and Source:  https://social.cyware.com/cyber-security-news-articles

Please check link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).


Latest Cybersecurity News and Articles

Romania’s Election Systems Targeted in Over 85,000 Cyberattacks

Threat actors obtained access credentials for election-related websites and leaked them on a Russian hacker forum less than a week before the first presidential election round.

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.

Threat Actor Targets Manufacturing Industry With Lumma Stealer and Amadey Bot

This campaign leverages multiple Living-off-the-Land Binaries (LOLBins), such as ssh.exe, powershell.exe, and mshta.exe, to bypass traditional security mechanisms and remotely execute the next-stage payload.

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks

Earth Minotaur uses the MOONSHINE exploit kit to deliver the DarkNimbus backdoor to Android and Windows devices, targeting WeChat, and possibly making it a cross-platform threat.

Black Basta Ransomware Campaign Drops Zbot, DarkGate, & Custom Malware

According to a detailed analysis by Rapid7, the threat actors have refined their techniques, introducing novel methods for gaining access and delivering malware, including Zbot, DarkGate, and custom-developed tools.

Crypto-Stealing Malware Posing as a Meeting App Targets Web3 Professionals

Cybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware.

Mitel MiCollab Zero-Day Flaw Gets Proof-of-Concept Exploit

Researchers released a PoC exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances.

Browser Isolation Bypassed: QR Codes Used in Novel C2 Attacks

A recent report from Thibault Van Geluwe de Berlaere at Mandiant unveils an innovative method for attackers to bypass browser isolation and execute command-and-control (C2) operations using QR codes.

Report: 65% of Office Workers Bypass Cybersecurity to Boost Productivity

High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, according to CyberArk.

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

Manson Market ("manson-market[.]pw") is believed to have launched in 2022 as a way to peddle sensitive information that was illegally obtained from victims as part of phishing and vishing (voice phishing) schemes.
Load More

at
Labels:

No comments:

Post a Comment

Please leave a comment about our recent post.

Subscribe to: Post Comments (Atom)

ZDNet | Security.

"It's official:  All your Office apps are getting AI and a price increase." Views expressed in this cybersecurity, cyber crime...

  • The Cyberwire Daily Briefing
    "Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters ...
  • Cyber War News Today.
    "International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyb...
  • SecurityWeek Briefing
    "New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the report...