DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
A threat actor known as BrazenBamboo has exploited an unresolved security flaw in Fortinet's FortiClient for Windows to extract VPN credentials as part of a modular framework called DEEPDATA. Volexity, which disclosed the findings Friday, said it identified the zero-day exploitation of the credential disclosure vulnerability in July 2024, describing BrazenBamboo as the …
Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
Nov 15, 2024 | Ravie Lakshmanan | Cyber Espionage / Malware
Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and execute malicious commands. Cybersecurity company Check Point has codenamed the malware WezRat, stating it has been detected in the …
Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme
Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for use in phishing attacks and investment fraud schemes for years. The findings come from Infoblox, which said it identified nearly 800,000 vulnerable registered domains over the past three months, of which approximately 9% (70,000) have been …
Pegasystems Consolidates Endpoint, Identity and Cloud Security with CrowdStrike
Pegasystems, a global leader in AI-powered decisioning and workflow automation, is a strategic partner for many of the world’s leading brands. The company’s role as an enterprise software provider means it often operates under the radar of the general public — but that doesn’t shield it from cyberattacks. Upon joining Pegasystems (Pega) in 2019, Director of Corporate …
Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel
Nov 13, 2024 | Ravie Lakshmanan | Threat Intelligence / Cyber Espionage
A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check …
November 2024 Patch Tuesday: Updates and Analysis
Microsoft Discloses Vulnerability within Airlift.microsoft.com
In an effort to provide additional transparency for Microsoft-hosted services, Microsoft has disclosed a Critical privilege escalation vulnerability within airlift.microsoft.com (CVE-2024-49056). This vulnerability has been fully mitigated by Microsoft and requires no customer interaction. Microsoft has stated …
New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Nov 12, 2024 | Ravie Lakshmanan | Virtualization / Vulnerability
Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE). The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user …
THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04
Nov 11, 2024 | Ravie Lakshmanan | Cybersecurity / Hacking News
⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car's tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn't fiction; it's the new cyber reality. Today's attackers have …
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns
Nov 09, 2024 | Ravie Lakshmanan | Vulnerability / Network Security
Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management …
Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering
Nov 09, 2024 | Ravie Lakshmanan | Cryptocurrency / Cybercrime
The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has been sentenced to 12 years and six months in prison for facilitating money laundering activities between 2011 and 2021. Roman Sterlingov, a dual Russian-Swedish national, pleaded guilty to charges of money laundering and operating an unlicensed …