Category: Uncategorized
-
Migrate to passwordless to enhance security and UX
Post ContentRead More
-
How AI is shaping the future of the cybersecurity workforce
Post ContentRead More
-

Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms [email protected] (The Hacker News)
Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras,…
-

How to Generate a CrowdStrike RFM Report With AI in Tines [email protected] (The Hacker News)
Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform. Their bi-annual “You Did What with Tines?!” competition highlights some of the most…
-

New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection [email protected] (The Hacker News)
Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. “PUMAKIT is a sophisticated loadable kernel module (LKM) rootkit that employs advanced stealth mechanisms to hide its presence and maintain communication withRead More
-
Ivanti Cloud Services Application (CSA) Vulnerabilities (CVE-2024-11639, CVE-2024-11772, CVE-2024-11773)
What are the Vulnerabilities?Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) that could lead to privilege escalation and code execution. More details below:CVE-2024-11639, CVSS: 10.0 (Maximum Severity), authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 allows a remote unauthenticated attacker to gain…
-

FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized [email protected] (The Hacker News)
The U.S. Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox (“rydox.ru” and “rydox[.]cc”) for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud. In tandem, three Kosovo nationals and administrators of the service, Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli, have been arrested.…
-

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online [email protected] (The Hacker News)
Cybersecurity researchers are warning that thousands of servers hosting the Prometheus monitoring and alerting toolkit are at risk of information leakage and exposure to denial-of-service (DoS) as well as remote code execution (RCE) attacks. “Prometheus servers or exporters, often lacking proper authentication, allowed attackers to easily gather sensitive information, such as credentials and APIRead More
-
Cleo patches file transfer zero-day flaw under attack
Post ContentRead More
-

Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet States [email protected] (The Hacker News)
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. “BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims,” Lookout said in an analysis.…
