Blog – Page 1006 – Cyber Mike

Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft

Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over 80% of your corporate risk, and a solution is possible.
However, most tools available on the market today cannot offer a complete defense against this attack vector because they were architected to

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims’ banking credentials.
“The mechanisms include using malformed ZIP files in combination with JSONPacker,” Cleafy security researchers Michele Roviello and Alessandro Strino said. “In addition,

New ‘Hadooken’ Linux Malware Targets WebLogic Servers

The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.

The post New ‘Hadooken’ Linux Malware Targets WebLogic Servers appeared first on SecurityWeek.

House Report Shows Chinese Cranes a Security Risk to US Ports

A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.

The post House Report Shows Chinese Cranes a Security Risk to US Ports appeared first on SecurityWeek.

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks.
The activity is said to have commenced on August 30, 2024, a mere five hours after a PoC was released for CVE-2024-6670 (CVSS score: 9.8) by security researcher Sina Kheirkhah of the Summoning Team, who

UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy

The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.

The post UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy appeared first on SecurityWeek.

UK Teen Arrested Over Transport for London Hack

A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.

The post UK Teen Arrested Over Transport for London Hack appeared first on SecurityWeek.

1.3 Million Android TV Boxes Infected by Vo1d Malware

Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions.

The post 1.3 Million Android TV Boxes Infected by Vo1d Malware appeared first on SecurityWeek.

GitLab Updates Resolve Critical Pipeline Execution Vulnerability

GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.

The post GitLab Updates Resolve Critical Pipeline Execution Vulnerability appeared first on SecurityWeek.

Fortinet Data Breach Impacts Customer Information

Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.

The post Fortinet Data Breach Impacts Customer Information appeared first on SecurityWeek.

Cyber News