Cyber Security News

Since unarchiver apps are commonly used and trusted for extracting files, threat actors often abuse them to disseminate malware and other malicious files. Recently, security analysts uncovered macOS malware that disguises itself as an “Unarchiver” app, enabling threat actors to steal user data. During routine research, cybersecurity experts at Hunt.io discovered a phishing site masquerading […]

The post macOS Malware Disguise As Unarchiver App Steals User Data appeared first on Cyber Security News.

OneBlood, the not-for-profit blood center serving much of the southeastern United States, has been hit by a ransomware attack that has impacted its software systems. The organization works closely with cybersecurity specialists and federal, state, and local agencies to address the situation. “OneBlood takes the security of our network extremely seriously,” said Susan Forbes, OneBlood’s […]

The post OneBlood Hit by Ransomware Attack, Software Systems Affected appeared first on Cyber Security News.

Cyber A.I. Group, Inc., an emerging growth global cybersecurity, A.I. and IT services company, announced today that it has executed a Letter of Intent (LOI) to acquire a prominent North American-based cybersecurity firm. The announcement was made by Walter Hughes, CEO of Cyber A.I. Group alongside A.J. Cervantes, Jr., Executive Chairman of Cyber A.I. Group […]

The post Cyber A.I. Group Announces LOI to Acquire Prominent North American Cyber Security Company appeared first on Cyber Security News.

In recent days, threat actors have leveraged the popular Google Authenticator (a multi-factor authentication program) through Google ads, infecting devices with malware. In this instance, an unidentified person was able to pose as Google and effectively distribute malware that was tricked as a legitimate Google product. This not only deceives innocent individuals into downloading malware […]

The post Weaponized Google Authenticator Via Google Ads Steals Sensitive Data appeared first on Cyber Security News.

Since February 2022, a highly advanced Android malware campaign has been specifically designed to attack one-time passwords (OTPs), which are used for enterprise security breaches. While tracking more than 107,000 malware samples, zLabs researchers noticed how the attackers changed their tactics to bypass security measures and gain access to confidential corporate information. This protracted operation […]

The post New SMS Stealer Infects Millions Of Android Users In 113 Countries appeared first on Cyber Security News.

Google has introduced several measures to address this threat, including Safe Browsing download protection in Chrome, Device Bound Session Credentials, and account-based threat detection systems that alert users to the misuse of stolen cookies. Cybercriminals using cookie theft infostealer malware continue to pose a significant risk to user safety and security. Today, Google is announcing […]

The post Google Chrome Now Prevent Users From Cookie Steal Malware on Windows appeared first on Cyber Security News.

Microsoft has issued a significant security alert regarding a vulnerability in VMware ESXi hypervisors, which ransomware operators have actively exploited. According to the Shadowserver Foundation, the vulnerability, identified as CVE-2024-37085, exposed 20,275 instances as of July 30, 2024. The CVE-2024-37085 vulnerability is an authentication bypass flaw with a CVSS score of 6.8. It specifically affects […]

The post 20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation appeared first on Cyber Security News.

A critical vulnerability in GeoServer, an open-source Java-based software server, has put thousands of servers at risk. The flaw, CVE-2024-36401, allows unauthenticated users to execute remote code, posing a significant threat to global geospatial data infrastructures. A recent tweet from The Shadowserver Foundation reported that the CVE-2024-36401 vulnerable GeoServer instances.               CVE-2024-36401-Vulnerability Details According to […]

The post Hackers Actively Exploiting GeoServer RCE Flaw, 6635 Servers Vulnerable appeared first on Cyber Security News.

Cryptocurrency scams are becoming increasingly sophisticated. This article delves into the intricacies of these scams, providing insights into how they operate and offering tips on how to protect your cryptocurrency assets. The scam begins innocuously with a forwarded Telegram message about a cryptocurrency sale. The message includes a five-second video clip featuring a screenshot of […]

The post Beware of Malicious Crypto Management App that Drains Your Wallet appeared first on Cyber Security News.

On July 30, 2024, Microsoft experienced a significant global outage affecting its Azure cloud services and Microsoft 365 products. The incident, which lasted nearly 10 hours, was triggered by a Distributed Denial-of-Service (DDoS) attack and impacted users worldwide. The outage began at approximately 11:45 UTC and was resolved by 19:43 UTC. During this period, users […]

The post DDoS Attack Leads to Microsoft Azure Global Outage appeared first on Cyber Security News.

A recent discovery has unveiled vulnerabilities in multiple hosted, outbound SMTP servers, allowing authenticated users and certain trusted networks to send emails with spoofed sender information. These vulnerabilities, CVE-2024-7208 and CVE-2024-7209, exploit weaknesses in the authentication and verification mechanisms provided by Sender Policy Framework (SPF) and Domain Key Identified Mail (DKIM). Domain-based Message Authentication, Reporting, […]

The post Multiple SMTP Servers Vulnerable to Spoofing Attacks, Hackers Bypassing Authentication appeared first on Cyber Security News.

Google has rolled out a critical security update for its Chrome browser, addressing a severe flaw that could lead to browser crashes. The update, now available on the Stable channel, brings Chrome to version 127.0.6533.88/89 for Windows and Mac and 127.0.6533.88 for Linux. This update will be distributed over the coming days and weeks. The […]

The post Google Patched Critical Chrome Vulnerability Leads to Browser Crash appeared first on Cyber Security News.

A sophisticated phishing campaign with Tycoon 2FA Phish-kit has been identified, leveraging Amazon Simple Email Service (SES) and a series of high-profile redirects to steal user credentials. The attack chain, meticulously designed to evade detection, involves multiple stages and utilizes various compromised domains and services. According to the Phishing sample analysis, The phishing attack begins […]

The post Beware! Tycoon 2FA Phish-kit Exploits Amazon SES to Steal User Credentials appeared first on Cyber Security News.

Security researchers have uncovered a critical vulnerability affecting over one million websites. The vulnerability combines OAuth implementation flaws with cross-site scripting (XSS) attacks. The vulnerability stems from the interaction between OAuth, a widely used authentication protocol, and XSS, a long-standing web security issue. While XSS attacks have become less prevalent due to improved security measures, […]

The post Critical OAuth Vulnerability Exposes 1 Million Sites to XSS Attacks appeared first on Cyber Security News.

Cybersecurity firm Zscaler has revealed that the Dark Angels ransomware group received an unprecedented $75 million ransom payment from a single victim in a shocking development that underscores the escalating ransomware threat. This staggering sum nearly doubles the $40 million paid by insurance giant CNA Financial in 2021, marking a new milestone in the history […]

The post Record-breaking Ransom Payment: Dark Angels Ransomware Received $75 Million appeared first on Cyber Security News.

Indicators of Compromise (IOCs) are key forensic data points used to detect security breaches. They include file hashes, suspicious IP addresses, domain names, URLs, specific email addresses, unusual file names, registry changes, unexpected processes, and abnormal network traffic patterns. These elements help identify malicious activity and are crucial for timely detection and response to cybersecurity […]

The post How to Collect and Use IOCs From Malware Configs in TI Lookup – SOC/DFIR Teams appeared first on Cyber Security News.

On July 30, 2024, at approximately 13:13 UTC, Microsoft Azure & Microsoft 365 reported a global outage affecting a subset of its services. The issue resulted in timeouts and difficulties connecting to various Azure services worldwide. Multiple engineering teams at Microsoft were promptly engaged to diagnose and resolve the issue. The company acknowledged the problem […]

The post Microsoft Azure Globally Down – What’s Happening! appeared first on Cyber Security News.

Researchers uncovered Cuckoo Spear, a new threat actor associated with the APT10 group, demonstrating persistent stealthy operations within victim networks for two to three years.  The advanced persistent threat (APT) utilizes novel techniques and tools to conduct cyber espionage, emphasizing the critical need for robust security protocols, continuous threat monitoring, and collaborative intelligence sharing among […]

The post Cuckoo Spear Attacking Windows Users With Highly Sophisticated Malware appeared first on Cyber Security News.

The Medusa Ransomware Group experienced significant operational security (OPSEC) failure, which was primarily due to the group’s use of Rclone, a widely utilized tool for data exfiltration, to store stolen data in the cloud storage service put.io.  The key issue arose from a misconfigured Rclone configuration file, which contained access tokens and other credentials, inadvertently […]

The post Researchers Hacked into Medusa Ransomware Group’s Cloud Storage appeared first on Cyber Security News.

Cybercriminals have launched a smishing campaign targeting iPhone users in India, impersonating India Post. Malicious iMessages falsely claim a package awaits at an India Post warehouse, enticing victims to click on fraudulent links.  It leverages the widespread trust in India Post and the popularity of iPhones to deceive users into compromising their devices and potentially […]

The post iPhone Users Beware! Fake Postal Messages Stealing Your Login Credentials appeared first on Cyber Security News.