Teen Arrested In Connection With Transport For London Cyberattack
A 17-year-old male was arrested in Walsall following a major cyberattack on Transport for London (TfL), the agency responsible for the city’s transit systems. The…
Month: September 2024
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain…
Exploitation Zero-Day Vulnerabilities Remote Access Became Prime Target
The cybersecurity landscape in 2024 has been marked by a significant surge in malware and vulnerabilities. The Key trends include the expansion of Ransomware-as-a-Service (RaaS),…
Hackers Exploiting Progress WhatsUp RCE Vulnerability In The Wild
RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August 16,…
Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management
Silver Spring, United States, September 12th, 2024, CyberNewsWire The investment will drive the company’s advancement of scalable workload access management for enterprises Aembit, the leading…
Suspect arrested over the Transport for London cyberattack
The UK National Crime Agency has arrested and detained a suspect – a 17-year-old male in Walsall (West Midlands) – on suspicion of Computer Misuse…
New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide
Sep 12, 2024Ravie LakshmananMalware / IoT Security Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning…
Data sharing for immigration raids ferments hostility to migrants
Public data sharing designed to facilitate immigration enforcement raids are rarely effective, and instead works as a surveillance mechanism to deter migrants from accessing vital…
WordPress To Mandate 2FA for Theme And Plugin Developers
Beginning on October 1st, 2024, WordPress will mandate two-factor authentication (2FA) for plugin and theme creators as a new security measure. Themes and plugins that…
CosmicBeetle Exploiting Old Vulnerabilities To Attacks SMBs All Over The World
CosmicBeetle, a threat actor specializing in ransomware, has recently replaced its old ransomware, Scarab, with ScRansom, a custom-built ransomware that continues to evolve. The threat…
Hackers Mimic Top Brands in Global Crypto Scam
Cybercriminals are increasingly targeting retail affiliate programs with sophisticated cryptocurrency scams. Retailers and customers must stay alert against domain fraud, brand impersonation, and online Ponzi…
Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking
Sep 12, 2024Ravie LakshmananCryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. “Selenium…