Tag: recent cybersecurity news

Microsoft breach led to the theft of 60k US State Dept emails

Tens of thousands of emails were stolen from U.S. State Department accounts by Chinese hackers in May after they broke into Microsoft's cloud-based Exchange email system. U.S. State Department officials said during a recent Senate staff briefing, as first reported by Reuters, that the attackers acquired at least 60,000 emails from Outlook accounts belonging to State Department employees stationed in East Asia, the Pacific, and Europe. The hackers also succeeded in getting a list of every email address used by the department. The compromised State Department staff spent much of their time working on Indo-Pacific diplomatic initiatives. In a statement, Senator Eric Schmitt said, "We need to harden our defenses against these kinds of cyberattacks and intrusions in the future ...
Bing Chat responses infiltrated by ads pushing malware

Microsoft's AI-powered Bing Chat responses now contain malicious advertising that promotes phony download sites distributing malware. In an effort to counter Google's hegemony in the search market, Microsoft debuted Bing Chat, which is powered by OpenAI's GPT-4 engine, in February 2023. Bing Chat aims to improve the usability and intuitiveness of internet searches by providing users with an interactive chat-based experience rather than the standard search query and result format. Microsoft started putting ads into Bing Chat conversations in March in order to make money from this new platform ...
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

In addition to seven other bugs, Progress Software has issued hotfixes for a significant security hole in the WS_FTP Server Ad hoc Transfer Module and the WS_FTP Server manager interface. The bug, identified as CVE-2023-40044, has a maximum severity CVSS score of 10.0. The bug affects all releases of the software. "In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a pre-authenticated attacker could leverage a .NET deserialization vulnerability in the Ad Hoc Transfer module to execute remote commands on the underlying WS_FTP Server operating system," the company noted in an alert. The vulnerability was found and reported by Assetnote security researchers Sean Yeoh and Shubham Shah ...
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts

Cisco has issued a warning regarding attempts to exploit a security hole in its IOS and IOS XE software that could allow a remote, authenticated attacker to execute code on vulnerable devices. The medium-severity vulnerability has a CVSS score of 6.6 and is tracked as CVE-2023-20109. All software versions with the GDOI or G-IKEv2 protocol enabled are affected. The vulnerability, according to the manufacturer, "could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash." It further noted that the issue is the result of insufficient validation of attributes in the Group Domain of Interpretation (GDOI) ...
US and Japan warn of Chinese hackers backdooring Cisco routers

Law enforcement and cybersecurity organizations in the US and Japan have issued alerts about Chinese 'BlackTech' hackers breaking into network devices to install custom backdoors for access to business networks. The state-sponsored hacking group is breaking into network devices at international subsidiaries in order to pivot to the networks of corporate headquarters, according to a joint report from the FBI, NSA, CISA, and the Japanese NISC (cybersecurity) and NPA (police). Since at least 2010, the Chinese state-sponsored APT group BlackTech (also known as Palmerworm, Circuit Panda, and Radio Panda) has been conducting cyberespionage attacks against Japanese ...
Google fixes fifth actively exploited Chrome zero-day of 2023

With today's urgent security updates, Google has fixed the fifth Chrome zero-day vulnerability that has been used in attacks since the year's beginning. Google stated in a security advisory released on Wednesday that it is aware that an exploit for CVE-2023-5217 exists in the wild. Google Chrome 117.0.5938.132, which is available to users of Windows, Mac, and Linux systems globally in the Stable Desktop channel, fixes the security flaw. The patched version will probably take days or weeks to reach every user, according to the advisory ...
ZenRAT Malware Targeting Windows Users via Fake Password Manager Software

ZenRAT, a brand-new malware strain that spreads via fake Bitwarden password manager installation packages, has surfaced in the wild. Enterprise security company Proofpoint stated in a technical analysis that the malware "is specifically targeting Windows users and will redirect people using other hosts to a benign web page." "The malware is a modular remote access trojan (RAT) with information-stealing capabilities." Although it's unclear how traffic is being routed to the domains, ZenRAT is hosted on phony websites that claim to be affiliated with Bitwarden. Such malware has previously been spread by phishing, malicious advertising, or SEO poisoning attacks ...
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies

A threat actor with ties to China known as Budworm has launched a new wave of attacks against telecom and governmental organizations. The Symantec Threat Hunter Team, a division of Broadcom, said that the attacks, which were launched in August 2023 and targeted a Middle Eastern telecom company and an Asian government, involved the adversary using an upgraded version of its SysUpdate toolset. Budworm, also known as APT27, Bronze Union, Emissary Panda, Iron Tiger, Lucky Mouse, and Red Phoenix, is known to have been operating since at least 2013 in pursuit of its information-gathering objectives. The nation-state group uses a variety of tools, including the China Chopper web shell ...
New ZeroFont phishing tricks Outlook into showing fake AV-scans

To deceive security mechanisms in Microsoft Outlook into thinking that dangerous emails have been successfully inspected, hackers are now using zero-point fonts in emails. Although the ZeroFont phishing tactic has been employed in the past, this is the first instance of it being used in this manner. According to a recent analysis by ISC SANS analyst Jan Kopriva, users should be aware of this trick's use in the wild and its potential to significantly increase the success of phishing operations ...
New AtlasCross hackers use American Red Cross as phishing lure

AtlasCross, a new APT hacking group, uses phishing lures that impersonate the American Red Cross to target businesses and spread backdoor malware. DangerAds and AtlasAgent, two previously unreported trojans, have been linked to attacks by the new APT group, according to cybersecurity firm NSFOCUS. According to NSFOCUS, the AtlasCross hackers are skilled and evasive, making it difficult for the researchers to pinpoint their origin. This APT attacker is quite different from known attacker characteristics in terms of execution flow, attack technology stack, attack tools, implementation details, attack objectives, behavior tendency, and other main attribution indicators, according to NSFOCUS Security Labs, which conducted an in-depth analysis of the attack process ...