Cybersecurity

Hacking alert from spies delays ballots for UK PM race

The voting process for the next British prime minister – to be elected by Conservative Party members between former Chancellor Rishi Sunak and Foreign Secretary Liz Truss – has been delayed after an alert from the country’s spies that cyber hackers could change members’…

FEMA warns emergency alert systems could be hacked to transmit fake messages unless software is updated

Vulnerabilities in software that TV and radio networks around the country use to transmit emergency alerts could allow a hacker to broadcast fake messages over the alert system, a Federal Emergency Management Agency official tells CNN. A cybersecurity researcher…

Russian organizations attacked with new Woody RAT malware

Unknown attackers target Russian entities with newly discovered malware that allows them to control and steal information from compromised devices remotely. According to Malwarebytes, one of the Russian organizations that were attacked using this malware is a…

Several crypto platforms targeted in multimillion-dollar attacks

A handful of crypto platforms have been hacked over the last 24 hours, resulting in millions of dollars in stolen funds, a day after a brazen attack on the platform Nomad nearly emptied its coffers. The incident that drew the most concern was a wide-ranging attack on thousands of…

Cloned Atomic Wallet website is pushing Mars Stealer malware

A fake website impersonating the official portal for the Atomic wallet, a popular decentralized wallet that also operates as a cryptocurrency exchange portal, is, in reality, distributing copies of the Mars Stealer information-stealing malware. The phony website…

Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

A new, large-scale phishing campaign has been observed using adversary-in-the-middle (AitM) techniques to get around security protections and compromise enterprise email accounts. "It uses an adversary-in-the-middle (AitM) attack technique capable of bypassing…

Cisco fixes critical remote code execution bug in VPN routers

Cisco has fixed critical security vulnerabilities affecting Small Business VPN routers and enabling unauthenticated, remote attackers to execute arbitrary code or commands and trigger denial of service (DoS) conditions on vulnerable devices. The two security flaws…

Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks

A critical, pre-authenticated remote code execution (RCE) vulnerability has cropped up in the widely used line of DrayTek Vigor routers for smaller businesses. If it's exploited, researchers warn that it could allow complete device takeover, along with access to the broader network…

Ukraine takes down 1,000,000 bots used for disinformation

The Ukrainian cyber police (SSU) has shut down a massive bot farm of 1,000,000 bots used to spread disinformation on social networks. The goal of the bot farm was to discredit information coming from official Ukrainian state sources, destabilize the social and political…

VMWare Urges Users to Patch Critical Authentication Bypass Bug

Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain. VMware and experts alike are urging users to patch multiple products affected by a critical authentication bypass vulnerability that can…