Security news.
Today's cybersecurity news highlights significant disruptions to major botnets, critical vulnerabilities impacting widely used software, and a large-scale data breach. Authorities have taken down IoT botnets responsible for massive DDoS attacks, while new flaws in Magento and older iPhones pose serious exploitation risks.
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
U.S., Canadian, and German authorities dismantled infrastructure for four botnets (Aisuru, Kimwolf, JackSkid, Mossad) that compromised over three million IoT devices and launched record-smashing DDoS attacks.
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Apple is urging users of outdated iOS versions to update their iPhones to protect against web-based attacks from exploit kits like Coruna and DarkSword, which can lead to sensitive data theft.
Navia discloses data breach impacting 2.7 million people
Navia Benefit Solutions, Inc. is notifying nearly 2.7 million individuals about a data breach that exposed their sensitive information to attackers.
New ‘PolyShell’ flaw allows unauthenticated RCE on Magento e-stores
A newly disclosed 'PolyShell' vulnerability affects all Magento Open Source and Adobe Commerce stable version 2 installations, enabling unauthenticated code execution and account takeover.
FBI seizes Handala data leak site after Stryker cyberattack
The FBI seized two websites used by the Handala hacktivist group following a destructive cyberattack on medical technology giant Stryker that wiped approximately 80,000 devices.
Russian hackers exploit Zimbra flaw in Ukrainian govt attacks
APT28, a Russian state-backed threat group, is exploiting a Zimbra Collaboration Suite (ZCS) vulnerability in attacks targeting Ukrainian government entities.
54 EDR Killers Use BYOVD to Exploit 35 Signed Vulnerable Drivers and Disable Security
Analysis reveals 54 EDR killer programs leverage the bring your own vulnerable driver (BYOVD) technique by abusing 35 vulnerable drivers to neutralize security software, often preceding ransomware deployment.
New Perseus Android Banking Malware Monitors Notes Apps to Extract Sensitive Data
A new Android banking malware, Perseus, is actively distributed to conduct device takeover and financial fraud, evolving from Cerberus and Phoenix to compromise devices via dropper apps.