Breaking (Cyber) News

Keep abreast of breaking cyber security news and evolution in the cyber threat landscape

RSS The Hacker News
  • Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts
    A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023 following his arrest in July. "At the time of both attacks,
  • U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
    The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir ‘Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson of Izz al-Din al-Qassam Brigades, the military wing of Hamas, since at […]
  • Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
    Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company's Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of
RSS CSO Online
  • Attackers exploit critical zero-day flaw in Palo Alto Networks firewalls
    Network security vendor Palo Alto Networks released mitigation instructions for an actively exploited vulnerability in PAN-OS, the software that powers its next-generation firewall (NGFW) products. The company is still working on developing software patches. The vulnerability, tracked as CVE-2024-3400, is described as a command injection issue and is located in the GlobalProtect feature of PAN-OS. […]
  • CISA orders US government agencies to check email systems for signs of Russian compromise
    Russian nation-state hackers have exploited a recent Microsoft email compromise to steal the emails of government agencies, the US Cybersecurity and Infrastructure Security Agency (CISA) has reiterated in a new alert. The warning ordered agencies to urgently check their email systems for signs of compromise and report back by April 30 if they believe specific […]
  • CISA opens its malware analysis and threat hunting tool for public use
    The US Cybersecurity and Infrastructure Security Agency (CISA) is opening a government tool for analyzing malware to all. Malware Next-Gen is already used by US government agencies to submit malware samples and other suspicious artifacts for examination by CISA analysts in a secure environment, and can now be accessed by organizations and individuals who create […]
RSS darkreading
RSS Sophos News
RSS GBHackers on Security | #1 Globally Trusted Cyber Security News Platform
  • Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild
    In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its GlobalProtect Gateway, identified as CVE-2024-3400. This flaw, rooted in the PAN-OS operating system, has already been exploited in a limited number of attacks, raising alarms across the cybersecurity community. CVE-2024-3400 is classified under CWE-77, which pertains to the improper neutralization of […]
  • 6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers
    The software supply chain is filled with various challenges, such as untracked security vulnerabilities in open-source components and inconsistent update uptake.  The lighttpd vulnerability was silently fixed in 2018 without any CVE assignment in a single instance of vulnerability detection. As a result, critical security patches are often lost on downstream software that relies on […]
  • Hackers Employ Deepfake Technology To Impersonate as LastPass CEO
    A LastPass employee recently became the target of an attempted fraud involving sophisticated audio deepfake technology. This incident underscores the urgent need for heightened cybersecurity awareness and the implementation of robust verification processes within organizations. The Rise of Deepfake Technology Deepfake technology, which employs generative artificial intelligence to create hyper-realistic audio or visual content, has […]

Join Our Newsletter