Security
Headlines
HeadlinesLatestCVEs

Latest News

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications companies.  Trend Micro, which described the hacking group as an aggressive advanced persistent threat (APT), said the intrusions also involved the use of another cross-platform backdoor dubbed

The Hacker News
Open in Source
#backdoor#The Hacker News
CVE-2024-49052: Microsoft Azure PolicyWatch Elevation of Privilege Vulnerability

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.

CVE-2024-49038: Microsoft Copilot Studio Elevation Of Privilege Vulnerability

**Why are there no links to an update or instructions with steps that must be taken to protect from this vulnerability?** This vulnerability has already been fully mitigated by Microsoft. There is no action for users of this service to take. This purpose of this CVE is to provide further transparency. Please see Toward greater transparency: Unveiling Cloud Service CVEs for more information.

CVE-2024-49035: Partner.Microsoft.Com Elevation of Privilege Vulnerability

**Why is no action required to install this update?** This CVE addresses a vulnerability in the Microsoft Power Apps online version only. As such, customers do not need to take any action because releases are rolled out automatically over several days. For more information about the releases for Microsoft Power Apps see What's new in Power Apps?.

CVE-2024-49053: Microsoft Dynamics 365 Sales Spoofing Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to click on a specially crafted URL to be compromised by the attacker.

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.8), concerns a case of missing authentication that

GHSA-486g-47cc-8wxf: aiocpa contains credential harvesting code

aiocpa is a user-facing library for generating color gradients of text. Version 0.1.13 introduced obfuscated, malicious code targeting Crypto Pay users, forwarding client credentials to a remote Telegram bot. All versions have been removed from PyPI.

GLASSBRIDGE: Google Blocks Thousands of Pro-China Fake News Sites

Google reveals GLASSBRIDGE: A network of thousands of fake news sites pushing pro-China narratives globally. These sites, run by PR firms, spread disinformation and lack transparency.

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.

Phishing Prevention Framework Reduces Incidents by Half

The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.