Cybersecurity News | CyberSecured 24x7

01 Sep

Exploit Code Published for Critical-Severity VMware Security Defect

Just days after shipping a major security update to correct vulnerabilities in its Aria Operations for Networks product line, VMWare is warning that exploit code has been published online. In an updated advisory, the virtualization technology giant confirmed the public release of exploit code that provides a roadmap for hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface. The exploit code and root-cause analysis, released by SinSinology…

01 Sep

What you need to know about iCloud Private Relay

Information

If you want to try to enter the world of VPNs with a small dip, then iCloud Private Relay is your friend — but is it a true VPN service? The devil is in the details.

01 Sep

Fake Signal and Telegram apps – Week in security with Tony Anscombe

Information

ESET research uncovers active campaigns targeting Android users and spreading espionage code through the Google Play store, Samsung Galaxy Store and dedicated websites

01 Sep

Why is .US Being Used to Phish So Many of Us?

Information, Insights

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.…

01 Sep

VMware Releases Security Update for Tools

Attacks, Insights, Malware

VMware has released a security update to address a vulnerability in VMware Tools. A cyber threat actor can exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review VMware Security Advisory VMSA-2023-0019 and apply the necessary update.

01 Sep

In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs

Information, News

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

01 Sep

Free Decryptor Available for ‘Key Group’ Ransomware

Information, News

Cyber intelligence firm EclecticIQ on Thursday announced the release of a free decryption tool to help victims of the Key Group ransomware recover their data without having to pay a ransom. Also known as keygroup777, Key Group is a Russian-speaking cybercrime actor known for selling personally identifiable information (PII) and access to compromised devices, as well as extorting victims for money. The group has been observed using private Telegram channels to communicate with members and…

01 Sep

Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy

Information, News

Elon Musk said Thursday that his social network X, formerly known as Twitter, will give users the ability to make voice and video calls on the platform. Musk, who has a history of making proclamations about coming features and policies that have not always come to fruition, did not say when the features would be available to users. The company also updated its privacy policies that will allow for the collection of biometric data and…

31 Aug

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

Information

ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs

31 Aug

ESET Research Podcast: Unmasking MoustachedBouncer

Information

Listen as ESET’s Director of Threat Research Jean-Ian Boutin unravels the tactics, techniques and procedures of MoustachedBouncer, an APT group taking aim at foreign embassies in Belarus

CyberSecurity Updates

Exploit Code Published for Critical-Severity VMware Security Defect

What you need to know about iCloud Private Relay

Fake Signal and Telegram apps – Week in security with Tony Anscombe

Why is .US Being Used to Phish So Many of Us?

VMware Releases Security Update for Tools

In Other News: Hacking Encrypted Linux Computers, Android Fuzzing, Skype Leaking IPs

Free Decryptor Available for ‘Key Group’ Ransomware

Elon Musk Says X, Formerly Twitter, Will Have Voice and Video Calls, Updates Privacy Policy

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

ESET Research Podcast: Unmasking MoustachedBouncer

Search

The 6 Stages of a Vulnerability Management Process

Get Cybersecurity Alerts

Read More

Categories

Site Navigation

Resources