For the latest discoveries in cyber research for the week of 12th February, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES One of the largest unions in California, Service …
Category: Cyber Security News
Cybersecurity researchers have uncovered an “implementation vulnerability” that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by …
When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it’s partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to …
Incident response (IR) is a race against time. You engage your internal or external team because there’s enough evidence that something bad is happening, but you’re still blind to the …
Microsoft said it’s introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. “Sudo for Windows is a new way …
The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving …
Feb 11, 2024NewsroomMalware / Cybercrime The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote Read More…
The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws …
Feb 10, 2024NewsroommacOS Malware / Cyber Threat Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar Read More…
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found …
Feb 09, 2024NewsroomMalware / Dark Web The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as Read More…
The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it …
Feb 09, 2024NewsroomMobile Security / Cyber Threat Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices Read More…
Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. “Typical MoqHao requires users to install and …
Introduction The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a …
Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. “This malware utilizes the Squirrel installer for distribution, leveraging Node.js and …
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for …
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling …
Feb 09, 2024NewsroomCyber Espionage / Threat Intelligence An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage Read More…
Feb 09, 2024NewsroomCyber Espionage / Threat Intelligence An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage Read More…
Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked …
An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor. Cisco Talos, …
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five …
If you’ve listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. …
The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver …
Feb 08, 2024NewsroomEndpoint Security / Cyber Threat The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the Read More…
Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive …
Feb 08, 2024NewsroomData Protection / Mobile Securit Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps Read More…
AhnLab SEcurity intelligence Center (ASEC) previously uploaded the article “BlueShell Used in APT Attacks Against Korean and Thai Targets” [1] on the ASEC blog which introduced BlueShell malware strains that …
The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals “SSH, FileZilla, C drive files/directories, browsers, …
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from …
The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet Read More…
The threat actors behind the KV-botnet made “behavioral changes” to the malicious network as U.S. law enforcement began issuing commands to neutralize the activity. KV-botnet is the name given to …
The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked …
A coalition of dozens of countries, including France, the U.K., and the U.S., along with tech companies such as Google, MDSec, Meta, and Microsoft, have signed a joint agreement to …
Chinese state-backed hackers broke into a computer network that’s used by the Dutch armed forces by targeting Fortinet FortiGate devices. “This [computer network] was used for unclassified research and development …
JetBrains is alerting customers of a critical security flaw in its TeamCity On-Premises continuous integration and continuous deployment (CI/CD) software that could be exploited by threat actors to take over …
AhnLab SEcurity intelligence Center (ASEC) has identified the distribution of RAT malware disguised as an illegal gambling-related file. Like the distribution method of VenomRAT introduced last month ([1]), the malware …
Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. “This malware is designed to steal …
Three new security vulnerabilities have been discovered in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) …
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, …
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal …
A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating …
The U.S. State Department said it’s implementing a new policy that imposes visa restrictions on individuals who are linked to the illegal use of commercial spyware to surveil civil society …
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr …
For the latest discoveries in cyber research for the week of 5th February, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES AnyDesk Software GmbH , the company behind the …
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in …
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware | The Hacker News
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. …
Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their …