Latest Cybersecurity News

Yet Another Way to Bypass Google Chrome's Encryption Protection

Dark Reading

Yet Another Way to Bypass Google Chrome's Encryption Protection

Authors of the VoidStealer Trojan uncovered a way to get around Google's App-Bound Encryption (ABE), opening the door to infostealers.

Dark Reading1d ago1m2

Instructure Breach Exposes Schools' Vendor Dependence

Dark Reading

Instructure Breach Exposes Schools' Vendor Dependence

ShinyHunters' attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors.

Dark Reading1d ago1m2

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

The Hacker News

Mirai-Based xlabs_v1 Botnet Exploits ADB to Hijack IoT Devices for DDoS Attacks

xlabs_v1 botnet exploits ADB port 5555 to recruit IoT devices, enabling 21 DDoS methods and bandwidth-tiered attacks on gaming servers

The Hacker News1d ago4m2

Critical vm2 sandbox bug lets attackers execute code on hosts

BleepingComputer1d ago3m2

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary code on the host system.

New Cisco DoS flaw requires manual reboot to revive devices

BleepingComputer1d ago3m2

New Cisco DoS flaw requires manual reboot to revive devices

Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted systems for recovery.

DAEMON Tools devs confirm breach, release malware-free version

BleepingComputer1d ago3m2

DAEMON Tools devs confirm breach, release malware-free version

Disc Soft Limited, the maker of DAEMON Tools Lite, confirmed that the software had been trojanized in a supply chain attack and released a new, malware-free version.

Autonomous Offensive Security Firm XBOW Raises $35 Million

SecurityWeek

Autonomous Offensive Security Firm XBOW Raises $35 Million

The company raised another $35 million as an extension to its previously announced Series C funding round.

SecurityWeek1d ago2m2

Why ransomware attacks succeed even when backups exist

BleepingComputer1d ago6m2

Why ransomware attacks succeed even when backups exist

Backups don't fail because they're missing, they fail because attackers destroy them first. Acronis explains how ransomware targets backup systems before encryption, leaving no path to recovery.

Herd Security Raises $3 Million for AI-Powered Training Platform

SecurityWeek

Herd Security Raises $3 Million for AI-Powered Training Platform

The startup will invest in expanding its training categories, optimizing video generation, and growing its partnership ecosystem.

SecurityWeek1d ago2m2

MuddyWater hackers use Chaos ransomware as a decoy in attacks

BleepingComputer1d ago3m3

MuddyWater hackers use Chaos ransomware as a decoy in attacks

The MuddyWater Iranian hackers disguised their operations as a Chaos ransomware attack, relying on  Microsoft Teams social engineering to gain access and establish persistence.

Iranian APT Intrusion Masquerades as Chaos Ransomware Attack

SecurityWeek

Iranian APT Intrusion Masquerades as Chaos Ransomware Attack

Likely perpetrated by MuddyWater, the attack combined social engineering, persistence, credential harvesting, and data theft.

SecurityWeek1d ago3m3

MuddyWater Uses Microsoft Teams to Steal Credentials in False Flag Ransomware Attack

The Hacker News