A critical security flaw has been disclosed in Fortra FileCatalyst Workflow that, if left unpatched, could allow an attacker to tamper with the application database. Tracked as CVE-2024-5276, the vulnerability carries a CVSS score of 9.8. It impacts FileCatalyst Workflow versions 5.1.6 Build 135 and earlier. It has been addressed in version 5.1.6 build 139. "An SQL injection vulnerability in

Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft. [...]

Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed. [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. [...]

The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. [...]

A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following versions - From 2023.0.0 before 2023.0.11 From 2023.1.0 before 2023.1.6, and&

Threat actors are attempting to exploit a critical authentication bypass flaw impacting Progress MOVEit Transfer, which the vendor disclosed yesterday. [...]

Microsoft has released the Windows 11 KB5039302 preview update for Windows 11 version 22H2, bringing several new features and fixes. [...]

Microsoft has released the KB5039299 update for Windows 10 version 22H2 with up to ten bug fixes or changes, including a fix for "Open With" dialog boxes being shown when using apps. [...]

SentinelLabs, la division de recherche de SentinelOne , a analysé, en collaboration avec Recorded Future, deux groupes APT chinois distincts ciblant des entités gouvernementales et des infrastructures critiques au niveau mondial entre 2021 et 2023.  Tribune – Cette étude met en évidence l’utilisation stratégique des ransomwares par les acteurs du cyber espionnage à des fins […]

The post Le Lab de SentinelOne révèle les activités de 2 groupes de hackers chinois first appeared on UnderNews.

A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. [...]

Un outil utilisé majoritairement par la police pour intercepter les conversations téléphoniques a été mis en vente sur eBay.

VPNs are not all created equal – make sure to choose the right provider that will help keep your data safe from prying eyes

Threat actors with suspected ties to China and North Korea have been linked to ransomware and data encryption attacks targeting government and critical infrastructure sectors across the world between 2021 and 2023. While one cluster of activity has been associated with the ChamelGang (aka CamoFei), the second cluster overlaps with activity previously attributed to Chinese and North Korean

The heightened regulatory and legal pressure on software-producing organizations to secure their supply chains and ensure the integrity of their software should come as no surprise. In the last several years, the software supply chain has become an increasingly attractive target for attackers who see opportunities to force-multiply their attacks by orders of magnitude. For example, look no

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro. "When your headphones are seeking a connection request to one of your previously

Avec 83% des Français inquiets des risques de piratage, protéger les données confidentielles est devenu primordial selon OpenText Cybersecurity. Dans les secteurs stratégiques tels que le tourisme et l’hôtellerie, garantir l’intégrité des systèmes informatiques est crucial. Tribune OpenText Cybersecurity – « Le chiffre d’affaires de la cybermenace étant très lucratif, cela aiguise des appétits » […]

The post JO Paris 2024 entre cybermenaces et tourisme : quand la cyberdéfense devient la nouvelle épreuve reine first appeared on UnderNews.

Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment information.  According to Sucuri, the latest campaign entails making malicious modifications to the

Cybersecurity researchers have discovered an updated version of an Android banking trojan called Medusa that has been used to target users in Canada, France, Italy, Spain, Turkey, the U.K., and the U.S. The new fraud campaigns, observed in May 2024 and active since July 2023, manifested through five different botnets operated by various affiliates, cybersecurity firm Cleafy said in an analysis