New RAMBO Attack Exfiltrates Data from Air-Gapped Computers Using RAM Radio Signals
Dr. Mordechai Guri and his team at Ben Gurion University develop a novel side-channel attack, RAMBO, exploiting radio signals emitted by RAM sticks to steal sensitive information from air-gapped systems.
View full story…
Russian Hacking Group Cadet Blizzard Linked to GRU 161st Specialist Training Center
Cadet Blizzard, also known as Ember Bear, is a Russian hacking group attributed to the GRU 161st Specialist Training Center, responsible for cyber attacks targeting critical infrastructure and key sectors in NATO, EU, Central American, and Asian countries since at least 2020.
View full story…
Latest Cybernews
Telegram CEO Pavel Durov Criticizes French Authorities for Arrest Over Messaging App Moderation
Russian-born billionaire and French national Pavel Durov criticizes French authorities for his arrest on charges related to illicit activities on Telegram, including child pornography, drug trafficking, and fraud, emphasizing the platform’s commitment to user privacy and security.
View full story…
Critical Security Flaws in OSGeo GeoServer GeoTools and DrayTek VigorConnect Actively Exploited in Cyber Campaigns
Exploited vulnerabilities in OSGeo GeoServer GeoTools and DrayTek VigorConnect lead to significant cybersecurity concerns, with campaigns delivering cryptocurrency miners, botnet malware, and backdoors.
View full story…
Russian GRU Unit 29155 Accused of Cyber-Attacks on Critical Infrastructure Since 2020
Unit 29155, a Russian GRU intelligence unit, accused of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes since 2020.
View full story…
Critical Security Vulnerability Discovered in LiteSpeed Cache Plugin for WordPress
A critical security vulnerability in the LiteSpeed Cache plugin for WordPress allows unauthorized access to logged-in user accounts, potentially leading to an Administrator role takeover.
View full story…
GitHub Actions Vulnerable to Typosquatting Attacks
Security researchers at Orca reveal that GitHub Actions, a popular CI/CD platform, is susceptible to typosquatting attacks, potentially leading to the execution of malicious code by threat actors.
View full story…
Critical Apache OFBiz Vulnerability Allows Remote Code Execution
A critical vulnerability in the Apache OFBiz ERP system allows unauthenticated attackers to execute arbitrary code on both Linux and Windows systems, posing a significant risk to unpatched systems.
View full story…
Latest Cybernews
YubiKey 5 Series Devices Vulnerable to “Eucleak” Cryptographic Flaw
Security expert Thomas Roche of NinjaLab identifies a vulnerability in YubiKey 5 Series devices allowing threat actors to potentially clone the devices and compromise FIDO credentials.
View full story…
New Cross-Platform Backdoor Malware KTLVdoor Linked to Chinese Threat Actor Group Earth Lusca
Trend Micro researchers have identified a sophisticated cross-platform backdoor malware called KTLVdoor, linked to the Chinese threat actor group Earth Lusca, capable of targeting Microsoft Windows and Linux systems with advanced obfuscation techniques and encryption for malicious activities.
View full story…
US Department of Justice Seizes Russian Disinformation Domains
Russian government-backed disinformation campaign Doppelganger targeted US swing states in lead-up to 2024 election, using AI and fake influencers to spread propaganda and influence public opinion.
View full story…
Cisco Addresses Critical Vulnerabilities in Smart Licensing Utility
Cisco has released patches to fix vulnerabilities in its Smart Licensing Utility, including CVE-2024-20439, CVE-2024-20440, and CVE-2024-20469, which could allow attackers to gain unauthorized access and execute arbitrary commands.
View full story…
NIST Cybersecurity Framework 1.1: A Crucial Tool for Managing Cybersecurity Risks
The NIST Cybersecurity Framework 1.1 provides guidelines for organizations to assess and enhance their security posture, prioritize risk management actions, and improve communication using a common language.
View full story…