Author: Admin

November 19, 2024Ravi LakshmananVulnerability / Data Security Patched security flaws affecting Progress Kemp LoadMaster and VMware vCenter Server have been found to be actively exploited in the wild. The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS Score: 10.0), the highest level security vulnerability in Progress Kemp LoadMaster to known vulnerabilities that exploit (KEV) directory. It was addressed by Progress Software back to February 2024. “Progress Kemp LoadMaster contains an OS command injection vulnerability that allows an unauthenticated remote attacker to gain access to the system via the LoadMaster management interface, allowing arbitrary system commands to…


According to research by GitGuardian and CyberArk, 79% of IT leaders reported that they have experienced a secret leak, compared to 75% in the previous year’s report. At the same time, the number of credential leaks has never been greater: there are 12.7 million hard-coded credentials in public GitHub repositories alone. One of the most disturbing aspects of this report is that over 90% of the real secrets found and reported remained valid for more than 5 days. According to studies, it takes organizations an average of 27 days to fix a credential leak. Combine this with the fact that non-human identities…


November 18, 2024Ravi LakshmananThreat Intelligence / Ransomware Cyber ​​security researchers have shed light on a new stealthy malware loader called BabbleLoader that has been spotted in the wild delivering families of information stealers such as WhiteSnake and Medusa. BabbleLoader is “an extremely evasive bootloader packed with defense mechanisms that is designed to bypass antivirus and sandbox environments to deliver memory theft,” said Intezer security researcher Ryan Robinson said in a report published on Sunday. Evidence shows that the downloader is being used by several companies targeting both English- and Russian-speaking people, primarily targeting users looking for general hacked software, as…


November 18, 2024Ravi LakshmananPrivacy / Email Security Google appears to be preparing a new feature called Shielded Email that will allow users to create email aliases when signing up for online services and better fight spam. There was a feature reported for the first time Android Authority last week after tearing down the latest version Google Play Services for Android. The idea is to create unique, disposable email addresses that forward messages to the associated primary account, thereby eliminating the need to provide a valid email address when filling out forms or signing up for new online services. The idea…



November 18, 2024Hacker newsPenetration Testing / Network Security IT leaders know the drill – regulators and cyber insurers demand regular maintenance network penetration test to keep the bad guys out. But here’s the thing: Hackers don’t wait for schedules to run. Most companies conduct penetration testing on a set schedule, with twice a year (29%) being the most common, followed by three to four times a year (23%) and once a year (20%), according to Kaseya 2024 Cyber ​​Security Research Report. Compliance-oriented testing can detect vulnerabilities that exist at the exact time of testing, but it’s not enough to significantly…


A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with fake pages impersonating legitimate brands to steal their personal information ahead of the Black Friday shopping season. “The company took advantage of increased online shopping activity in November, during the peak Black Friday discount season. The threat actor used counterfeit discounted products as phishing lures to trick victims into providing Cardholder Data (CHD) and Sensitive Authentication Data (SAD) and Personally Identifiable Information (PII),” EclecticIQ said. The activity, first seen in early October 2024, is attributed with high confidence to a Chinese financially motivated threat actor…


November 18, 2024Ravi LakshmananMobile Security / Spyware Legal documents released As part of the ongoing litigation between WhatsApp Meta and NSO Group, it was discovered that the Israeli spyware maker used several exploits targeting the messaging app to deliver Pegasus, including one even after Meta sued for it. They also show that NSO Group repeatedly found ways to install an invasive tracking tool on targeted devices as WhatsApp built new defenses to counter the threat. In May 2019, WhatsApp said it had blocked a sophisticated cyberattack that used its video calling system to secretly deliver the Pegasus malware. The attack…


November 18, 2024Ravi LakshmananWebsite Vulnerability / Security A critical authentication bypass vulnerability has been discovered in the Really Simple Security (formerly Really Simple SSL) WordPress plugin that, if successfully exploited, could give an attacker remote full administrative access to a vulnerable site. The vulnerability, identified as CVE-2024-10924 (CVSS score: 9.8), affects both the free and premium versions of the plugin. The software is installed on over 4 million WordPress sites. “The vulnerability is scriptable, meaning it can be turned into a large-scale automated attack targeting WordPress websites,” said István Martan, security researcher at Wordfence. said. After a responsible disclosure on…


November 16, 2024Ravi LakshmananVulnerability / Network Security Palo Alto Networks released new indicators of compromise (IoC) a day after the network security vendor confirmed that a new zero-day vulnerability affecting the PAN-OS firewall management interface is in active use in the wild. To this end, the company said he observed malicious activity originating from the IP addresses below and targeting the PAN-OS web management interface IP addresses accessible over the Internet – 136.144.17(.)* 173.239.218(.)251 216.73.162(.)* The company warned, however, that these IP addresses may represent “third-party VPNs with legitimate user activity originating from these IP addresses to other destinations.” An…
