Cyberattack News World’s #1 Premier Cybersecurity & Hacking News Portal
- Hackers Leverage Red Team Tools in RDP Attacks Via TOR & VPN for Data Exfiltration by Balaji N on December 17, 2024 at 9:39 am
In a striking display of cyber sophistication, the advanced persistent threat (APT) group Earth Koshchei, also tracked as APT29 or Midnight Blizzard, has been linked to a massive rogue Remote Desktop Protocol (RDP) campaign. Earth Koshchei employs innovative tactics and red team tools in this campaign for espionage and data exfiltration using anonymization layers like
- 1-Click RCE Attack in Kerio Control UTM Let Attackers Gain Root Access To the Firewall by Balaji N on December 17, 2024 at 8:28 am
Researchers have identified a critical set of HTTP Response Splitting vulnerabilities in Kerio Control, a widely used Unified Threat Management (UTM) solution developed by GFI Software. The impact is severe, potentially enabling attackers to escalate low-severity issues into one-click remote command execution (RCE) attacks that grant root access to the firewall system. These vulnerabilities, collectively
- Hackers Exploiting HTML Functions to Bypass Email Security Filters by Guru Baran on December 11, 2024 at 8:21 am
Cybercriminals increasingly leverage sophisticated HTML techniques to circumvent email security filters, putting users and organizations at greater risk of falling victim to phishing attacks. These attacks, often disguised as legitimate documents such as invoices or HR policies, exploit various HTML functions to deceive both users and security systems alike. HTML attachments have become a favored
- Uncovering Attacker’s Infrastructure & Tactics Via Passive DNS by Guru Baran on December 10, 2024 at 3:32 am
In the ever-evolving landscape of cybersecurity, understanding how attackers establish and maintain their attack infrastructure is crucial for building robust defenses. A recent study by Juniper Threat Labs sheds light on the sophisticated methods attackers use to set up their operations, focusing on techniques like IP churn and changing hosting providers and how passive DNS
- Hackers Attacking Sporting Events Via Fake Domains To Steal Logins by Guru Baran on December 9, 2024 at 2:00 pm
Cybercriminals leverage high-profile events, such as global sporting championships, by registering fake domains to launch phishing and scam attacks. Researchers uncover suspicious domain registration campaigns, especially when event-specific terms or phrases are used in recently registered domains. Event-related abuse focuses on patterns such as domain registrations, DNS traffic, URL traffic, most active domains, verdict change
- Deloitte Hacked – Brain Cipher Ransomware Group Allegedly Stolen 1 TB of Data by Balaji N on December 6, 2024 at 6:04 pm
Notorious ransomware group Brain Cipher has claimed to have breached Deloitte UK, allegedly exfiltrating over 1 terabyte of sensitive data from the professional services giant. Brain Cipher is a ransomware group that emerged in June 2024, quickly gaining notoriety for its cyberattacks on organizations worldwide. Notably, it was responsible for a significant attack on Indonesia’s
- New QR Code-Based C2 Attack Lets Hackers Bypass All Type of Browser Isolation Security by Balaji N on December 6, 2024 at 6:10 am
Cybersecurity firm Mandiant has uncovered a novel method to bypass browser isolation technologies, a widely used security measure designed to protect users from web-based attacks such as phishing and malware. This new way to get around security measures uses machine-readable QR codes to set up command-and-control (C2) communication. This shows where browser isolation systems used
- Chinese Salt Typhoon Hacked 8+ Telecoms To Stole U.S. Citizens Data by Tushar Subhra Dutta on December 5, 2024 at 5:14 am
A Chinese hacking campaign, codenamed “Salt Typhoon” by Microsoft, has infiltrated more than 8 American telecommunications companies, stealing vast amounts of U.S. citizens’ phone data. Officials describe it as one of the largest intelligence compromises in U.S. history. The operation, significantly larger than previously known to the public, has affected dozens of countries worldwide and
- Israeli NSO Group’s Pegasus Spyware Detected in New Mobile Devices by Balaji N on December 5, 2024 at 3:42 am
Cybersecurity researchers from iVerify have revealed widespread new infections of the Pegasus spyware, developed by NSO Group (dubbed “Rainbow Ronin”), showing that spyware targets not only activists and journalists but also professionals and civilians. The company’s newly launched Mobile Threat Hunting feature has detected multiple instances of the infamous Pegasus spyware, developed by NSO Group
- AWS Launched New Security Incident Response Service to Boost Enterprise Security by Balaji N on December 3, 2024 at 5:12 am
Amazon Web Services (AWS) unveiled a new service, AWS Security Incident Response, designed to help organizations manage security events efficiently. As cyber threats become increasingly complex, this service offers a comprehensive solution to prepare for, respond to, and recover from incidents such as account takeovers, data breaches, and ransomware attacks. What is AWS Security Incident