Skip to content
cyber attacks Page 44

cyber attacks

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters

Aug 20, 2024Ravie LakshmananVulnerability / Container Security Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for… 

Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware

Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho. Enterprise security company Proofpoint… 

Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America

Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America

Aug 20, 2024Ravie LakshmananMalware / Cyber Espionage Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin… 

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information

Aug 20, 2024Ravie LakshmananEnterprise Security / Data Breach Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information. “A potential… 

CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

Aug 20, 2024Ravie LakshmananVulnerability / Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.… 

Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware

Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware

Aug 19, 2024Ravie LakshmananMalvertising / Cybercrime Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat. “These attacks are opportunistic in nature, targeting users seeking popular business… 

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks

Aug 19, 2024Ravie LakshmananCloud Security / Threat Intelligence Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. “Attackers… 

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

Aug 19, 2024Ravie LakshmananVulnerability / Zero-Day A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as…