Security News

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking
2024-03-29 10:49

Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the...

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
2024-03-22 13:45

Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited...

Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
2024-03-20 06:48

The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20...

SIM swappers hijacking phone numbers in eSIM attacks
2024-03-14 18:08

SIM swappers have adapted their attacks to steal a target's phone number by porting it into a new eSIM card, a rewritable SIM chip present on many recent smartphone models. Russian cybersecurity firm F.A.C.C.T. reports that SIM swappers in the country and worldwide have been taking advantage of this shift to eSIMs to hijack phone numbers and bypass protections to access bank accounts.

Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
2024-03-08 08:09

Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted...

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams
2024-03-05 10:53

A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. “Savvy Seahorse is a DNS threat actor who...

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes
2024-03-05 10:25

The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for...

Ongoing Microsoft Azure account hijacking campaign targets executives
2024-02-12 19:16

A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives. The attacks employ documents sent to targets that embed links masquerading as "View document" buttons, which take victims to phishing pages.

Blackwood APT delivers malware by hijacking legitimate software update requests
2024-01-25 11:19

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. It leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant.

GitLab warns of critical zero-click account hijacking vulnerability
2024-01-12 17:54

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the maximum severity score and is being tracked as CVE-2023-7028.