Cyber Security News

  • CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery

    July 26, 2024

    Automation 360 Robotic Process Automation suite v21-v32 is vulnerable to unauthenticated Server-Side Request Forgery (SSRF). SSRF occurs when the server can be induced to perform arbitrary requests on behalf of an attacker. An attacker with unauthenticated access to the Automation 360 Control Room HTTPS service (port 443) or HTTP service (port 80) can trigger arbitrary web ...

  • Guernsey: Warning after spike in cyber-attacks

    July 25, 2024

    Authorities have warned organisations to take extra measures to protect their IT systems after a spike in cyber-attacks in Guernsey. The Office of the Data Protection Authority (ODPA) said some Microsoft 365 systems had been compromised by phishing attacks, where someone is tricked into giving out information over email. It warned criminals were becoming increasingly adept ...

  • Onyx Sleet uses array of malware to gather intelligence for North Korea

    July 25, 2024

    On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity associated with Onyx Sleet. Microsoft will continue to closely monitor Onyx Sleet’s activity to assess ...

  • Pentagon contractor Leidos hit by data breach Internal documents leaked on cybercrime forum

    July 25, 2024

    Hackers have reportedly leaked internal documents stolen from Leidos Holdings Inc., a company with a significant contract portfolio including the US Defense Department, Homeland Security, and NASA. A person with knowledge of the matter told Bloomberg News that the company believes the documents leaked by hackers were stolen during a previously disclosed breach at Diligent Corporation. ...

  • Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malware

    July 25, 2024

    A little-known spyware maker based in Minnesota has been hacked, TechCrunch has learned, revealing thousands of devices around the world under its stealthy remote surveillance. A person with knowledge of the breach provided TechCrunch with a cache of files taken from the company’s servers containing detailed device activity logs from the phones, tablets, and computers that ...

  • Russian banking sector faced DDoS attack planned from abroad

    July 24, 2024

    The Russian banking sector was exposed to a DDoS attack planned from overseas, the VTB Bank press service told TASS. “The banking sector was exposed to the DDoS attack orchestrated from overseas. A minor share of VTB clients faced individual constraints in operations of bank apps due to the high load on the infrastructure of Internet ...

  • Cyberattack closes Jefferson County Clerk’s Office, all motor vehicle branches

    July 24, 2024

    A cyber attack forced the Jefferson County Clerk’s Office to close its eight branches this week. The attack was first discovered at 2:24 a.m. Monday, said Ashley Tinius, a spokesperson for the office. The office has been working with a private cybersecurity firm and law enforcement to investigate the attack and repair its system, Tinius said. ...

  • Telegram Zero-Day Let Hackers To Spread Malware Hidden in Videos

    July 24, 2024

    Cybersecurity researchers at ESET discovered a zero-day vulnerability that targeted the Telegram for Android app and sent malicious files disguised as videos through chats. The zero-day exploit, dubbed “EvilVideo,” allowed hackers to share Android payloads via Telegram channels, groups, and chats, and make them appear to be multimedia files. This exploit targeted only Android Telegram versions ...

  • Stargazers Ghost Network

    July 24, 2024

    Recently, Check Point Research observed threat actors using GitHub to achieve initial infections by utilizing new methods. Previously, GitHub was used to distribute malicious software directly, with a malicious script downloading either raw encrypted scripting code or malicious executables. Their tactics have now changed and evolved. Threat actors now operate a network of “Ghost” accounts that ...

  • EU to toughen cyberattack defence strategy for healthcare sector

    July 24, 2024

    Political Guidelines 2024-2029 published before Von der Leyen’s reappointment as president of the EU executive last week included suggested a new action plan on cybersecurity of hospitals and healthcare providers will be presented in the first 100 days of the new mandate. The Guidelines were published a day before a massive IT outage brought hospitals and ...

  • TracFone will pay $16 million to settle FCC data breach investigation

    July 24, 2024

    Following three separate data breaches between 2021 and 2023 which exposed the proprietary information (PI) of TracFone Wireless customers, the Federal Communications Commission (FCC) announced that the Verizon-owned company has agreed to pay a $16 million civil penalty to settle the government investigation, and it has made an agreement to improve its application programming interface ...