Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) The Hacker [email protected] (The Hacker News)
January 22, 2025

Cisco has released software updates to address a critical security flaw impacting Meeting Management that could permit a remote, authenticated attacker to gain administrator privileges on susceptible instances. The vulnerability, tracked …


TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware The Hacker [email protected] (The Hacker News)
January 22, 2025

Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks. "This actor engaged in a …


Trump Terminates DHS Advisory Committee Memberships, Disrupting Cybersecurity Review The Hacker [email protected] (The Hacker News)
January 22, 2025

The new Trump administration has terminated all memberships of advisory committees that report to the Department of Homeland Security (DHS).  "In alignment with the Department of Homeland Security's (DHS) commitment to …


MasterCard DNS Error Went Unnoticed for Years Krebs on SecurityBrianKrebs
January 22, 2025

The payment card giant MasterCard just fixed a glaring error in its domain name server settings that could have allowed anyone to intercept or divert Internet traffic for the company …


Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet The Hacker [email protected] (The Hacker News)
January 22, 2025

Threat actors are exploiting an unspecified zero-day vulnerability in Cambium Networks cnPilot routers to deploy a variant of the AISURU botnet called AIRASHI to carry out distributed denial-of-service (DDoS) attacks. According …


Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks The Hacker [email protected] (The Hacker News)
January 22, 2025

As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security …


President Trump Pardons Silk Road Creator Ross Ulbricht After 11 Years in Prison The Hacker [email protected] (The Hacker News)
January 22, 2025

U.S. President Donald Trump on Tuesday granted a "full and unconditional pardon" to Ross Ulbricht, the creator of the infamous Silk Road drug marketplace, after spending 11 years behind bars. "I …


PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack The Hacker [email protected] (The Hacker News)
January 22, 2025

A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, …


Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products The Hacker [email protected] (The Hacker News)
January 22, 2025

Oracle is urging customers to apply its January 2025 Critical Patch Update (CPU) to address 318 new security vulnerabilities spanning its products and services. The most severe of the flaws is …


Mirai Botnet Launches Record 5.6 Tbps DDoS Attack with 13,000+ IoT Device The Hacker [email protected] (The Hacker News)
January 21, 2025

Web infrastructure and security company Cloudflare on Tuesday said it detected and blocked a 5.6 Terabit per second (Tbps) distributed denial-of-service (DDoS) attack, the largest ever attack to be reported …