Author: Admin

August 9, 2024Ravi LakshmananNational Security / Identity Theft The US Department of Justice (DoJ) on Thursday indicted a 38-year-old Nashville, Tennessee man for allegedly running a “laptop farm” to help North Koreans get remote jobs at US and British companies. Matthew Isaac Noth is charged with conspiracy to damage a protected computer, conspiracy to launder money, conspiracy to defraud, willful damage to a protected computer, identity theft and conspiracy to illegally recruit aliens. If convicted, Knuth faces a maximum sentence of 20 years in prison, with a mandatory minimum of two years in prison for aggravated identity theft. Court documents…

August 9, 2024Ravi LakshmananVulnerability / Network Security The US Cybersecurity and Infrastructure Security Agency (CISA) has revealed that threat actors are exploiting an outdated Cisco Smart Install (SMI) function for the purpose of accessing confidential data. Agency said he saw adversaries “obtaining system configuration files using available protocols or software on devices, such as by abusing Cisco’s legacy Smart Install feature.” It also said it continues to monitor weak password types used on Cisco network devices, thereby exposing them to password cracking attacks. Password types refer to the algorithms used to protect the Cisco device password in the system configuration…

August 8, 2024Ravi LakshmananCyber ​​attack / Cyber ​​espionage The threat actor associated with North Korea is known as Kimsuki has been linked to a new set of attacks targeting university staff, researchers and teachers for intelligence gathering purposes. Cybersecurity firm Resilience said it discovered the activity in late July 2024 after noticing an operation security (OPSEC) error made by hackers. Kimsuky, also known as APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet, Springtail and Velvet Chollima, is just one of many offensive cyber groups operating under the direction of the North Korean government and military. It is also very active, often using…

August 8, 2024Ravi LakshmananBrowser Vulnerability / Security Cybersecurity researchers have discovered a new “0.0.0.0 Day” that affect all major web browsers, which malicious sites can use to hack local networks. The critical vulnerability “exposes a fundamental flaw in the way browsers handle network requests, potentially giving attackers access to confidential services running on local devices,” said Oligo Security researcher Avi Lumelsky said. The Israeli application security company said the implications of the vulnerability are far-reaching and that it stems from inconsistent implementation of security mechanisms and a lack of standardization across browsers. As a result, a seemingly innocuous IP address…

August 8, 2024Ravi LakshmananNetwork Security / Cloud Security Cybersecurity researchers have discovered a new phishing campaign that uses Google Drawings and shortened links created via WhatsApp to avoid detection and trick users into clicking fake links designed to steal sensitive information. “The attackers chose a group of the most prominent websites in computing to create the threat, including Google and WhatsApp to host the attack elements, and an Amazon lookalike to collect the victim’s information,” Menlo Security researcher Ashwin Vamshi said. “This attack is a great example of life at the expense of trusted sites (a lot) threat”. The starting…

August 8, 2024Hacker newsCyber ​​threat management Over the past few years, more than a few new categories of security solutions have emerged in hopes of stemming the never-ending tide of risks. One of these categories is Automated Security Validation (ASV), which provides an attacker perspective on exposure and empowers security teams to continuously test exposure, security measures, and remediation at scale. ASV is a critical element of any cybersecurity strategy, and by providing a clearer picture of potential vulnerabilities and impacts within an organization, security teams can identify weaknesses before they can be exploited. However, relying on ASV alone can…

August 8, 2024Ravi LakshmananWindows Security/Vulnerabilities Microsoft said it is developing security updates to address two vulnerabilities it says could be used to launch attacks to downgrade the Windows Update architecture and replace current versions of Windows files with older versions. The vulnerabilities are listed below – CVE-2024-38202 (CVSS Score: 7.3) – Windows Update Stack Elevation of Privilege Vulnerability CVE-2024-21302 (CVSS Score: 6.7) – Elevation of privilege vulnerability in Windows Secure Kernel Mode The detection and reporting of flaws belongs to SafeBreach Labs researcher Alon Leviev, who presented the findings on Black Hat USA 2024 and DEF CON 32. CVE-2024-38202, which…

August 8, 2024Hacker newsArtificial Intelligence / Network Security An exciting experience this September in Las Vegas!In an era of constant cyber security threats and rapid technological progress, staying ahead of the curve is not just a necessity, it’s very important. The SANS Institute, the world’s leading authority on cyber security training, is pleased to announce Network Security 2024, a landmark event designed to provide cybersecurity professionals with groundbreaking skills, knowledge and insights. Taking place September 4-9, 2024 at Caesars Palace in Las Vegas and online, the event promises to be an unparalleled learning experience and networking opportunity. ensuring accessibility for…

August 8, 2024Ravi LakshmananVulnerability / Network Security A critical security flaw affecting Progress Software’s WhatsUp Gold is seeing active exploit attempts, making it important for users to quickly deploy the latest version. The vulnerability in question CVE-2024-4885 (CVSS Score: 9.8), an unauthenticated remote code execution bug affecting versions of the network monitoring application released prior to 2023.1.3. “WhatsUp.ExportUtilities.Export.GetFileWithoutZip allows you to execute commands with iisapppool\\nmconsole privileges,” the company said in a statement. said in a recommendation published at the end of June 2024. According to security researcher Sina Heirkha of the Summoning Team, the flaw lives in the implementation of…

August 8, 2024Ravi LakshmananCritical Infrastructure / Malware To date, the ransomware known as BlackSuit has demanded up to $500 million in ransoms, with one ransom demand reaching $60 million. This is stated in the updated recommendation of the US Cyber ​​Security and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI). “BlackSuit actors have demonstrated a willingness to negotiate payment amounts,” the agency reported. said. “Ransom amounts are not part of the initial ransom message, but require direct interaction with the threat actor via the .onion URL (accessible via the Tor browser) provided after encryption.” Ransomware attacks have…
