Category: cyber-security-news
-
New Phishing Campaign Mimic Amazon Prime Membership To Steal Credit Card Data
New Phishing Campaign Mimic Amazon Prime Membership To Steal Credit Card Data A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, aiming to steal credit card information and other sensitive data. Cybersecurity experts have identified a complex attack chain that leverages PDF attachments, redirects, and cleverly crafted phishing sites to deceive unsuspecting victims.…
-
New Docker 1-Click RCE Attack Exploits Misconfigured API Settings
New Docker 1-Click RCE Attack Exploits Misconfigured API Settings A newly disclosed attack method targeting Docker installations has raised significant security concerns among developers and system administrators. The vulnerability leverages a misconfigured Docker Engine API setting, allowing attackers to achieve remote code execution (RCE) with minimal user interaction. While Docker’s default settings are secure, enabling…
-
Stratoshark – Wireshark Has Got a Friend for Cloud
Stratoshark – Wireshark Has Got a Friend for Cloud The creators of Wireshark, Gerald Combs and Loris Degioanni, have unveiled Stratoshark, a groundbreaking tool designed to bring Wireshark’s renowned capabilities into the cloud era. Building on over 25 years of experience with Wireshark, which has become a staple for network analysis with over 5 million…
-
Mario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human Identities
Mario Duarte, Former Snowflake Cybersecurity Leader, Joins Aembit as CISO to Tackle Non-Human Identities Aembit, the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Duarte, formerly head of security at Snowflake, joins Aembit with a deep commitment to address pressing gaps in non-human identity security. Duarte’s journey…
-
Zimbra Remote Command Execution Vulnerability (CVE-2024-45519) – Exploit POC Released
Zimbra Remote Command Execution Vulnerability (CVE-2024-45519) – Exploit POC Released Zimbra, a popular email and collaboration platform, has issued a crucial security update to patch a severe vulnerability in its postjournal service. Identified as CVE-2024-45519, this flaw allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations. The vulnerability was discovered in Zimbra’s post-journal…
-
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate
Evil Corp Cyber Criminals Group Identity Exposed Along with Lockbit Affiliate Authorities in the UK, US, and Australia have sanctioned sixteen individuals linked to Evil Corp, a group once considered the pinnacle of global cyber threats. This move exposes their connections to the Russian state and other infamous ransomware groups, including LockBit. The National Crime…
-
New Bluetooth Vulnerability Leak Your Passcode to Hackers While Pairing
New Bluetooth Vulnerability Leak Your Passcode to Hackers While Pairing A recently identified vulnerability in Bluetooth technology, identified as CVE-2020-26558, poses a significant security risk to devices supporting various Bluetooth Core Specifications. This vulnerability, known as “Impersonation in the Passkey Entry Protocol,” affects devices using the Passkey Entry association model in BR/EDR Secure Simple Pairing,…
-
Authorities Unmasked LockBit Affiliate Evil Corp Key Member
Authorities Unmasked LockBit Affiliate Evil Corp Key Member Law enforcement agencies have identified Russian national Aleksandr Viktorovich Ryzhenkov as a key member of the notorious Evil Corp cybercrime group and a LockBit ransomware affiliate. Ryzhenkov, also known by his alias “Beverley,” has been linked to over 60 LockBit ransomware builds and is believed to have…