Apr 22, 2024NewsroomRootkit / Software Security New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes. “When a user executes a function that has a path argument in Windows, the DOS path at which the file or
Quishing attacks, a form of phishing that leverages QR codes, have significantly increased, climbing from a mere 0.8% in 2021 to 10.8% in 2024. The figures come from the latest Egress report, which also suggests a notable decrease in attachment-based payloads, which halved from 72.7% to 35.7% over the same period. According to the new
Scams What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be? Phil Muncaster 18 Apr 2024 • , 5 min. read Our world is becoming more impersonal as it becomes more digital-centric. And because we can’t
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with
The Akira ransomware group has generated around $42m in proceeds in the period from March 2023 to January 2024, according to a joint advisory from Europol and US and Dutch government agencies. The ransomware-as-a-service (RaaS) actor is believed to have impacted over 250 organizations across North America, Europe and Australia during this period, with a
Apr 20, 2024NewsroomVulnerability / Network Security Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2,
A new study by CyberSN warns that the overall number of cybersecurity job postings in the US decreased by 22% from 2022 to 2023. The cyber job platform provider added that this decline is alarming and could impact national security, as some of these roles are essential for maintaining organizational and national cyber defenses. The
Apr 19, 2024NewsroomCyber Espionage / Threat Intelligence Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a
US election officials have been urged to take action to counter nation-state influence operations targeting this year’s election cycle. The joint advisory from the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Office of the Director of National Intelligence (ODNI), warned that Russia, China and Iran are engaged in influence
Apr 18, 2024NewsroomContainer Security / Cryptocurrency Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That’s according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024. OpenMetadata is an open-source platform
A known network has been targeting EU voters on Meta platforms (Facebook, Instagram, Messenger and Threads) with pro-Russian propaganda in France and Germany, according to a new report by non-profit analytics organization AI Forensics. The campaign has reached more than 38 million accounts in the last six months, with most ads not identified by Meta
Apr 17, 2024NewsroomIoT Security / Network Security Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. “These attacks all appear to be originating from TOR exit nodes and a range of other
Security researchers have discovered a new vulnerability affecting command-line tools used in cloud environments. Dubbed “LeakyCLI” by the Orca Security team, the flaw exposes sensitive credentials in logs, posing potential risks to organizations utilizing AWS and Google Cloud platforms. The issue mirrors a previously identified vulnerability in Azure CLI (CVE-2023-36052, with a CVSS score of
Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The U.S. Justice Department (DoJ) said the malware “gave the malware purchasers control over victim computers and enabled them to access victims’ private communications, their login
Global chipmaker giant Nexperia has revealed it suffered a cyber-attack amid reports that ransomware hackers stole sensitive documents and intellectual property from the company. The Chinese-owned firm, headquartered in the Netherlands, confirmed in a statement on April 12 that “an unauthorized third party” accessed certain IT servers in March 2024. “We promptly took action and
Apr 15, 2024NewsroomFirewall Security / Vulnerability Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.0), the critical vulnerability is a case of command injection in the GlobalProtect feature that an unauthenticated attacker could weaponize
Apple has updated its documentation related to its warning system for mercenary spyware threats, now specifying that it alerts users when they may have been individually targeted by such attacks. The revision points out companies like NSO Group, known for developing surveillance tools like Pegasus, which state actors often use for targeted attacks on individuals
Apr 13, 2024NewsroomCryptocurrency / Regulatory Compliance A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023
The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a breach affecting business analytics provider Sisense and urged its customers to rest their credentials. On April 11, 2024, CISA issued an advisory regarding Sisense customer data being potentially compromised. The agency is “currently collaborating with private industry partners to respond to a recent compromise
“Test files” associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression
A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software, used in its GlobalProtect gateways, is being exploited in the wild, and no patches are available yet. Palo Alto Networks issued an alert about the flaw on April 12, 2024, thanking cybersecurity firm Volexity for discovering it. The vulnerability is a command injection vulnerability in
Apr 12, 2024NewsroomWeb Security / WordPress Cybersecurity researchers have discovered a credit card skimmer that’s concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom CSS and JS
Threat actors are going to great lengths to ensure that malicious code hidden in legitimate-looking GitHub repositories is used by as many developers as possible, Checkmarx has warned. The security vendor’s research engineer, Yehuda Gelb, described a number of techniques deployed in a recent campaign designed to ensure these repositories appear at the top of
Apr 11, 2024NewsroomSpyware / Cyber Espionage Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are
A critical vulnerability in the Rust standard library could be exploited to target Windows systems and perform command injection attacks. The flaw was discovered by a security engineer from Flatt Security known as RyotaK. They named it BatBadBut, reported it to the CERT Coordination Center (CERT/CC) and published an analysis on April 9, 2024. That
Microsoft has released security updates for the month of April 2024 to remediate a record 149 flaws, two of which have come under active exploitation in the wild. Of the 149 flaws, three are rated Critical, 142 are rated Important, three are rated Moderate, and one is rated Low in severity. The update is aside
Network attached storage (NAS) vendor D-Link has urged users of end-of-life (EOL) products to retire and replace them, after news emerged of mass exploitation of legacy kit via a newly discovered vulnerability. Security researcher “netsecfish” published details of the vulnerability, which affects various D-Link NAS devices, on March 26. “The vulnerability lies within the nas_sharing.cgi
Apr 09, 2024NewsroomMalware / Cryptojacking Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked,
Threat actors increasingly utilize YouTube to distribute information stealer malware (infostealers) by appropriating legitimate channels as well as using their own video channels. In a new report, the AhnLab Security Intelligence Center (ASEC) found a growing number of cases in which malicious actors steal famous YouTube channels and repurpose them to distribute infostealers like Vidar
Apr 08, 2024NewsroomInvestment Scam / Mobile Security Google has filed a lawsuit against two app developers for engaging in an “international online consumer investment fraud scheme” that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise of promising higher returns. The individuals
- « Previous Page
- 1
- 2
- 3
- 4
- 5
- …
- 119
- Next Page »