A new Golang-based information stealer malware dubbed Titan Stealer is being advertised by threat actors through their Telegram channel. ...
Read More
Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices
Researchers are warning about a spike in exploitation attempts weaponizing a now-patched critical remote code execution flaw in Realtek Jung...
Read More
PlugX Malware Hides on Removable USB Devices to Infect Windows Machine
An investigation by cyber security experts at Palo Alto Network’s Unit 42 team recently revealed that a variation of PlugX malware has the a...
Read More
ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain...
Read More
British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries
The U.K. National Cyber Security Centre (NCSC) on Thursday warned of spear-phishing attacks mounted by Russian and Iranian state-sponsored a...
Read More
GoTo Says Hackers Stole Customer Data and Encryption Keys
GoTo, formerly LogMeIn Inc., has acknowledged that a threat actor stole an encryption key that gave access to a portion of the backup files ...
Read More
Twitter Engineers Can Tweet as any Account Using ‘GodMode’ Claims Whistleblower
According to The Washington Post, a new Twitter whistleblower has come forward, confirming the alarming evidence from last year regarding th...
Read More
Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability
Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. ...
Read More
Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks
The legitimate command-and-control (C2) framework known as Sliver is gaining more traction from threat actors as it emerges as an open sourc...
Read More
Over 19,000 End-of-life Cisco VPN Routers Open for RCE Attacks
Censys recently reported that there are 19,500 end-of-life Cisco VPN routers being used by individuals and small businesses on the internet ...
Read More
Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps
Researchers have shut down an "expansive" ad fraud scheme that spoofed more than 1,700 applications from 120 publishers and impact...
Read More
Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram
The Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital onslaught against Ukraine, with recent attack...
Read More
WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws
The Irish Data Protection Commission (DPC) on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data pr...
Read More
EmojiDeploy Vulnerability in Azure Let Attackers Execute Remote Code
The use of a set of methods to take advantage of vulnerabilities like misconfigurations and poor security protocols in a popular Azure servi...
Read More
Mailchimp Hacked – Attackers Accessed Internal Customer Support and Admin Tool
Another breach has occurred at MailChimp, which allowed threat actors to access 133 customers’ data after hackers gained access to its accou...
Read More
Git Users Urged to Update Software to Prevent Remote Code Execution Attacks
The maintainers of the Git source code version control system have released updates to remediate two critical vulnerabilities that could be ...
Read More
Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!
Users of Zoho ManageEngine are being urged to patch their instances against a critical security vulnerability ahead of the release of a proo...
Read More
New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild
Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency (CIA)'s Hive...
Read More
What are Digital Certificates?? How It Stops Hackers From Stealing Sensitive Data
Digital certificates are electronic credential that binds the identity to the owner of the certificate which can also pair the electronic en...
Read More
Malware Attack on CircleCI Engineer's Laptop Leads to Recent Security Incident
DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to s...
Read More
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come ...
Read More
IcedID Malware Let Attackers Compromise the Active Directory Domain
In a recent incident, within just 24 hours of initial access, the IcedID (aka BokBot) malware was used to successfully penetrate the Active ...
Read More
Twitter Denies Hacking Claims and Theft of 200 Million Users’ Email Address
Twitter Inc. undertook a thorough investigation in response to recent media claims that the data of 200M Twitter users were being sold onlin...
Read More
Over 1,300 Domains Used to Deliver Notorious Information Stealer Malware
The official AnyDesk website is being impersonated using more than 1,300 domains, all of which are linking to a Dropbox folder that delivers...
Read More
What is Spoofing? How It Works and How to Prevent it
Spoofing is a malicious practice that disguising as a legitimate source to gain sensitive information, or to gain access to victims’ devices...
Read More
Malicious PyPI Packages Using Cloudflare Tunnels to Sneak Through Firewalls
In yet another campaign targeting the Python Package Index (PyPI) repository, six malicious packages have been found deploying information s...
Read More
Beware That Hackers Using ChatGPT to Develop Powerful Hacking Tools
An AI chatbot called ChatGPT, developed by OpenAI is being abused by cybercriminals as part of a new technique they have been experimenting ...
Read More
Hackers Can Abuse Visual Studio Marketplace to Target Developers with Malicious Extensions
A new attack vector targeting the Visual Studio Code extensions marketplace could be leveraged to upload rogue extensions masquerading as th...
Read More
Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
The Russian cyberespionage group known as Turla has been observed piggybacking on attack infrastructure used by a decade-old malware to deli...
Read More
10 Best Remote Administration Tools (RAT Tools) – 2023
Remote Administration Tools are some of the equipment that can be used to save time and space undoubtedly by making it possible to access sy...
Read More
WhatsApp Introduces Proxy Support to Help Users Bypass Internet Censorship
Popular instant messaging service WhatsApp has launched support for proxy servers in the latest version of its Android and iOS apps, letting...
Read More
Fortinet and Zoho Urge Customers to Patch Enterprise Software Vulnerabilities
Fortinet has warned of a high-severity flaw affecting multiple versions of FortiADC application delivery controller that could lead to the e...
Read More
BitRAT Malware Uses Bank-Themed Phishing Emails to Steal Sensitive Information
Qualys reported in June of 2022 that Discord’s content delivery network was found to be sharing a commercial off-the-shelf info stealer by h...
Read More
Raspberry Robin Worm Evolves to Attack Financial and Insurance Sectors in Europe
Financial and insurance sectors in Europe have been targeted by the Raspberry Robin worm, as the malware continues to evolve its post-exploi...
Read More
ABCs of Information Security – An Employee’s Security Awareness Guide – 2023
With ABCs of information security awareness, we can reduce the risk of losing private information, money, or reputation from cyberattacks. H...
Read More
Google to Pay $29.5 Million to Settle Lawsuits Over User Location Tracking
Google has agreed to pay a total of $29.5 million to settle two different lawsuits brought by Indiana and Washington, D.C., over its "d...
Read More
Hackers Use Google Ads Massively to Deliver Malware Payloads
Hackers have become more sophisticated in their use of Google Ads. They have been exploiting the platform for spreading malware to unsuspect...
Read More
Intrusion Prevention System (IPS) In-depth Analysis – A Detailed Guide
Like an intrusion detection system (IDS), an intrusion prevention system (IPS) screens network traffic. An Intrusion Prevention System (IPS)...
Read More
Subscribe to:
Posts (Atom)