Category: Uncategorized
-

Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks [email protected] (The Hacker News)
The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. “Organizations often store a variety of data in SaaS applications and use services from CSPs,” Palo Alto Networks Unit 42 said in a report published last week. “The threatRead More
-
Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure Eduard Kovacs
ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm. The post Destructive ICS Malware ‘Fuxnet’ Used by Ukraine Against Russian Infrastructure appeared first on SecurityWeek. Read More
-
Two People Arrested in Australia and US for Development and Sale of Hive RAT Ionut Arghire
Authorities in Australia and the US have arrested and charged two individuals for developing and selling the Hive RAT. The post Two People Arrested in Australia and US for Development and Sale of Hive RAT appeared first on SecurityWeek. Read More
-
Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges Ionut Arghire
Former security engineer Shakeeb Ahmed was sentenced to prison for hacking and defrauding cryptocurrency exchanges. The post Former Security Engineer Sentenced to Prison for Hacking Crypto Exchanges appeared first on SecurityWeek. Read More
-

Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution [email protected] (The Hacker News)
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to privileged identity management aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users withRead More
-
Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge Eduard Kovacs
Palo Alto Networks has started releasing hotfixes for the firewall zero-day CVE-2024-3400, which some have linked to North Korea’s Lazarus. The post Palo Alto Networks Releases Fixes for Firewall Zero-Day as Attribution Attempts Emerge appeared first on SecurityWeek. Read More
-

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users [email protected] (The Hacker News)
Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy, dubbed ‘F_Warehouse,’ boasts a modular framework with extensive spying features,” the BlackBerry Threat Research and Intelligence Team said in a report published lastRead More
-

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability [email protected] (The Hacker News)
Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature that an unauthenticated attacker could weaponize to execute arbitrary code with rootRead More
-

Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts [email protected] (The Hacker News)
A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023 following his arrest in July. “At the time of both attacks,Read More
-

U.S. Treasury Hamas Spokesperson for Cyber Influence Operations [email protected] (The Hacker News)
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir ‘Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson of Izz al-Din al-Qassam Brigades, the military wing of Hamas, since at…
