Articles tagged "Critical"

Found 906 articles

BlackFile hackers are using voice phishing, or vishing, to target the retail and hospitality sectors. They make calls using spoofed numbers to pose as IT support, tricking employees into revealing sensitive information. This method allows them to gather data for potential extortion. Companies in these industries should be vigilant as the attackers exploit trust in IT communications to gain access to critical systems. The rise of such tactics underscores the need for enhanced security training for staff to recognize and respond to these types of scams.

Read Original

Itron, a technology supplier for utility companies, has reported a cyber incident but believes that its operations remain unaffected. The company has not provided detailed information about the nature of the attack or whether any sensitive data was compromised. Despite the incident, Itron reassured stakeholders that it does not expect any significant impact on its business. This revelation raises concerns about the cybersecurity measures in place within critical infrastructure sectors, as attacks on utility suppliers can have broader implications for service delivery and public safety. Stakeholders in the utilities sector should remain vigilant and conduct thorough assessments of their cybersecurity protocols.

Read Original

Researchers have discovered a malware framework called 'fast16' that dates back to 2004, making it five years older than the notorious Stuxnet. This malware is believed to have been used in cyber sabotage efforts, potentially setting a precedent for future attacks on critical infrastructure. The implications of this discovery are significant, as it suggests that sophisticated cyber threats have been around longer than previously understood. Fast16’s existence raises concerns about the security of various industrial systems that may still be vulnerable to similar attacks. Understanding its capabilities and origins could help organizations better defend against current and future threats.

Read Original

Researchers have discovered a malware strain called 'fast16' that is believed to have targeted Iran's nuclear program before the well-known Stuxnet attack. This malware predates Stuxnet and indicates that cyber attacks on critical infrastructure may have been more advanced than previously thought. Fast16's potential use against Iran's nuclear facilities raises concerns about the cybersecurity of similar systems worldwide. Understanding this malware could provide insights into the tactics and techniques used by attackers in state-sponsored cyber operations, making it essential for governments and companies to enhance their defenses against such threats.

Read Original

Itron, a major utility company, reported a security breach after unauthorized access to its internal IT systems was detected on April 13, 2026. The company quickly activated its incident response plan and brought in external cybersecurity experts to address the situation. Authorities were also notified as part of the response process. While specific details about the extent of the breach or the data involved have not been disclosed, incidents like this can pose significant risks to utility services and customer data security. The breach raises concerns about the vulnerabilities within critical infrastructure sectors and the potential impact on services reliant on Itron's technology.

Read Original

The latest Security Affairs Malware newsletter highlights several emerging cybersecurity threats. One notable mention is Morpheus, a new spyware linked to IPS Intelligence, which poses risks to user privacy and data security. Additionally, the newsletter discusses DarkSword and Coruna, which are targeting vulnerabilities in iPhones, suggesting that even this previously secure platform is now at risk. Another significant threat is the Lotus Wiper, aimed at the energy and utilities sector, indicating a growing trend of cyberattacks on critical infrastructure. Lastly, a new variant of NGate has been reported, showcasing the ever-evolving landscape of malware. These developments emphasize the need for companies and individuals to stay vigilant and update their security measures.

Read Original

Researchers at SentinelOne have discovered a previously unknown malware framework called 'fast16,' which dates back to 2005. This Lua-based malware was designed to target high-precision calculation software, which is often used in engineering and industrial applications. The malware predates the infamous Stuxnet worm, which was aimed at disrupting Iran's nuclear program. The implications of fast16 are significant as it shows that cyber sabotage efforts have been in play for much longer than previously thought, raising concerns about the security of critical infrastructure and industrial systems. Companies using this type of software need to be aware of the potential risks and take steps to protect their systems.

Read Original
Actively Exploited

The U.S., UK, and eight other allied nations have issued a warning regarding sophisticated cyber operations linked to Chinese state-sponsored groups. These operations involve the exploitation of hacked routers and Internet of Things (IoT) devices worldwide, forming extensive botnets. These botnets are being utilized for various malicious activities, including data theft and disruptive cyberattacks. The implications of this are significant, as they threaten critical infrastructure and sensitive data on a global scale. Organizations and individuals using vulnerable devices need to be particularly vigilant and take steps to secure their networks against these threats.

Read Original

A malware known as 'Fast16' has been linked to ongoing cyber tensions between the US and Iran. This malware specifically targets high-precision calculation software, with the intent to manipulate results. Notably, it includes a self-propagation mechanism, which allows it to spread without user intervention. This discovery raises concerns about the potential for state-sponsored cyberattacks and the implications for critical infrastructure, particularly in sectors reliant on precision calculations. As the geopolitical landscape continues to evolve, understanding threats like Fast16 becomes crucial for organizations to safeguard their operations against cyber sabotage.

Read Original

ESET researchers have uncovered a new hacking group known as GopherWhisper, which is linked to China and is targeting government entities. The attackers are using a custom toolkit primarily built in Go programming language, featuring multiple backdoors such as LaxGopher and RatGopher, as well as a C++ backdoor called SSLORDoor. This sophisticated approach allows them to maintain access and control over compromised systems. The implications of these attacks are significant, as they threaten sensitive government data and can disrupt critical operations. As these activities are ongoing, governments worldwide need to bolster their cybersecurity measures to defend against such targeted intrusions.

Read Original

A U.S. federal agency has reported that a Cisco firewall has been compromised by a backdoor malware known as 'Firestarter'. This malware gives attackers remote access and control over the infected device and is designed to persist even after security patches are applied. The incident raises significant concerns about the security of federal networks, especially given the critical role firewalls play in protecting sensitive information. As agencies rely on these devices to safeguard their data, the presence of such malware could expose them to further attacks. Users and organizations using Cisco firewalls need to be vigilant and ensure their systems are updated and monitored for unusual activity.

Read Original
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

The Hacker News

Actively Exploited

A serious security vulnerability in LMDeploy, a toolkit for managing large language models, has been actively exploited less than 13 hours after being made public. This flaw, designated as CVE-2026-33626, has a CVSS score of 7.5 and involves a Server-Side Request Forgery (SSRF) issue, which attackers can use to gain access to sensitive data. This incident poses significant risks for users and organizations that rely on LMDeploy for deploying and serving machine learning models. Given the rapid exploitation of this vulnerability, companies using LMDeploy should take immediate action to safeguard their systems. The swift response from attackers emphasizes the need for stringent monitoring and prompt patching of critical vulnerabilities.

Read Original

A critical vulnerability in Microsoft SharePoint, identified as CVE-2026-32201, is currently being exploited by attackers. Over 1,300 SharePoint servers exposed to the internet remain at risk, with fewer than 200 instances patched since the last Patch Tuesday. This zero-day spoofing flaw allows unauthorized access, which could lead to significant data breaches or further intrusions. Organizations using SharePoint should prioritize applying available updates to mitigate the risk and secure their systems against ongoing attacks. The situation underscores the urgency for users to remain vigilant and proactive in patch management.

Read Original
Actively Exploited

Recent research from OWASP reveals that AI-driven attacks are increasingly targeting critical sectors, including government agencies, cloud service providers, and supply chains. These sophisticated attacks leverage artificial intelligence to automate and enhance their effectiveness, making them harder to detect and prevent. The impact of these attacks is significant, as they can compromise sensitive data and disrupt essential services. Organizations in the affected sectors need to be vigilant and adopt stronger security measures to defend against these evolving threats. As AI technology continues to advance, the risk of such attacks is likely to grow, necessitating a proactive approach to cybersecurity.

Read Original

The article discusses a rising cybersecurity concern in the electricity sector, where attackers are increasingly manipulating voltage levels to achieve their objectives. This manipulation can lead to system failures, disruptions in service, or even physical damage to infrastructure. As cybercriminals become more sophisticated, it is crucial for companies in the electricity industry to bolster their defenses against such attacks. The implications of these vulnerabilities are significant, affecting not just utility companies but also the everyday lives of consumers who rely on a stable power supply. Awareness and proactive measures are essential to mitigate these risks and protect critical infrastructure.

Read Original
PreviousPage 22 of 61Next