Author: nlqip
Oct 28, 2024Ravie LakshmananCyber Security / Hacking News Cybersecurity news can sometimes feel like a never-ending horror movie, can’t it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your…
Read More
Oct 28, 2024The Hacker NewsOperational Technology / Cybersecurity Operational Technology (OT) security has affected marine vessel and port operators, since both ships and industrial cranes are being digitalized and automated at a rapid pace, ushering in new types of security challenges. Ships come to shore every six months on average. Container cranes are mostly automated.…
Read More
Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. “The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials…
Read More
Security Information and Event Management (SIEM) systems play a crucial role in modern cybersecurity strategies. These powerful tools collect, analyze, and correlate data from various sources across an organization’s IT infrastructure to detect and respond to security threats. However, the effectiveness of a SIEM solution heavily depends on how well an organization manages and retains…
Read More
Oct 28, 2024Ravie LakshmananVulnerability / Windows Security A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. “This bypass allows loading unsigned kernel drivers, enabling attackers to deploy custom rootkits that can neutralize security controls, hide processes and network…
Read More
Fog and Akira ransomware operators are increasingly breaching corporate networks through SonicWall VPN accounts, with the threat actors believed to be exploiting CVE-2024-40766, a critical SSL VPN access control flaw. SonicWall fixed the SonicOS flaw in late August 2024, and roughly a week later, it warned that it was already under active exploitation. At the…
Read More
Windows 11 24H2 is unavailable for thousands of users due to safeguard or compatibility holds Microsoft has placed on specific device and software configurations. Microsoft places compatibility holds on specific devices using hardware or applications that may conflict with Windows 11 24H2, causing crashes, performance issues, freezes, or other unusual behavior. These holds will prevent…
Read More
A threat actor claimed that they have and are selling 280 million U.S. citizens’ personal data on dark web. According to the post of the threat actor, the data includes; First_Name、Last_Name Address、City、State、ZIP Ind_Date_Of_Birth_Year、Ind_Age Home_Value_Code、Home_Median_Value_Code、Median_Income_Code Email、Phone They are also claiming that they can provide sample data to the prospects. Meanwhile, they did not mention the source…
Read More
Cisco has added new security features that significantly mitigate brute-force and password spray attacks on Cisco ASA and Firepower Threat Defense (FTD), helping protect the network from breaches and reducing resource utilization on devices. Password spray and brute force attacks are similar in that they both attempt to gain unauthorized access to an online account by guessing…
Read More
Attackers can downgrade Windows kernel components to bypass security features such as Driver Signature Enforcement and deploy rootkits on fully patched systems. This is possible by taking control of the Windows Update process to introduce outdated, vulnerable software components on an up-to-date machine without the operating system changing the fully patched status. Downgrading Windows SafeBreach…
Read More