A critical security flaw has been disclosed in miniOrange's Social Login and Register plugin for WordPress that could enable a malicious...
Read More
Threat Hunt: KillNet’s DDoS HEAD Flood Attacks – cc.py
Executive Summary Killnet is a hacktivist group based in Russia that has been active since at least 2015. The group is known for launching D...
Read More
Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland
A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S., U.K., Germany, A...
Read More
Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers
Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group...
Read More
Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks
The newly discovered Chinese nation-state actor known as Volt Typhoon has been observed to be active in the wild since at least mid-2020, wi...
Read More
Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam
A U.K. citizen who took part in the massive July 2020 hack of Twitter has been sentenced to five years in prison in the U.S. Joseph James O...
Read More
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things (IoT) devices are being targeted as part of a new campaign designed to illicitly mine c...
Read More
US cyber ambassador says China knows how to steal its way to dominance of cloud and AI
Calls on governments to combat ‘playbook’ that propelled Huawei to prominence China has a playbook to use IP theft to seize leadership in cl...
Read More
ChatGPT shows promise in detecting phishing sites
ChatGPT can be used to generate phishing sites, but could it also be used to reliably detect them? Security researchers have tried to answer...
Read More
Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces
Over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May ...
Read More
Reddit Hackers Threaten to Leak 80GB of Stolen Data
The February 5th intrusion on Reddit was allegedly carried out by the ALPHV ransomware operation, also known as BlackCat. Threat actors gain...
Read More
How to simplify the process of compliance with U.S. Executive Order 14028
In this Help Net Security video, Nick Mistry, SVP and CISO at Lineaje, offers tips to simplify the process of compliance with U.S. Executive...
Read More
Goodbyes are difficult, IT offboarding processes make them harder
When employees, contractors and service providers leave an organization, they take with them knowledge, capabilities, and professional achie...
Read More
From Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin Botnet
Cybersecurity researchers have discovered previously undocumented payloads associated with a Romanian threat actor named Diicot, revealing i...
Read More
Fake security researchers push malware files on GitHub
Categories: News Tags: GitHub Tags: malware Tags: repository Tags: security researcher Tags: fake Tags: download Tags: scam Tags: twitter Ta...
Read More
Chinese Hackers Employed DNS-over-HTTPS for Linux Malware Communication
ChamelGang, a sophisticated threat actor believed to be based in China, has been using different tools for intrusions, as identified by the ...
Read More
What is a browser doing at Infosecurity Europe 2023?
What if the enterprise had complete control over the browser? What would it do for security, productivity, for work itself? Ari Yablok, Head...
Read More
Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack
The U.S. Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-de...
Read More
Critical FortiOS and FortiProxy Vulnerability Likely Exploited - Patch Now!
Fortinet on Monday disclosed that a newly patched critical flaw impacting FortiOS and FortiProxy may have been "exploited in a limited ...
Read More
Strava heatmap loophole may reveal users’ home addresses
Categories: Personal Tags: strava Tags: fitness Tags: health Tags: run Tags: running Tags: jog Tags: jogging Tags: jogger Tags: cycling Tags...
Read More
Apple’s Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs
Apple is introducing major updates to Safari Private Browsing, offering users better protections against third-party trackers as they browse...
Read More
What is SYN Attack? How Does the Attack Works ?
TCP SYN Flood attacks are the most popular ones among DDOS attacks. Here we will discuss, in detail, the basis of the TCP SYN attack and to ...
Read More
Update your Cisco System Secure Client now to fix this AnyConnect bug
Categories: Exploits and vulnerabilities Categories: News Tags: Cisco Tags: anyconnect Tags: system secure client Tags: VPN Tags: bug Tags: ...
Read More
Ransomware review: June 2023
Categories: Ransomware Categories: Threat Intelligence May saw a record number of 556 reported ransomware victims, the unusual emergence of ...
Read More
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this...
Read More
The Bizarre Reality of Getting Online in North Korea
New testimony from defectors reveals pervasive surveillance and monitoring of limited internet connections. For millions of others, the inte...
Read More
‘Triangulation’ Malware- New Tool to Find iPhones & iOS Devices Infection
Kaspersky reported earlier this month that they have discovered a new Zero-click iOS exploit currently being exploited by threat actors. The...
Read More
The Annual Report: 2024 Plans and Priorities for SaaS Security
Over 55% of security executives report that they have experienced a SaaS security incident in the past two years — ranging from data leaks a...
Read More
10 Best SIEM Tools for SOC Operations – 2023
SIEM is now a fundamental security component of modern enterprises. The major reason is that each customer or tracker creates a virtual foot...
Read More
Kimsuky APT poses as journalists and broadcast writers in its attacks
North Korea-linked APT group Kimsuky is posing as journalists to gather intelligence, a joint advisory from NSA and FBI warns. A joint advis...
Read More
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-g...
Read More
How defense contractors can move from cybersecurity to cyber resilience
As the world’s most powerful military and economic power, the United States also holds another, less impressive distinction: Cyber threat ac...
Read More
RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks
The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since ...
Read More
Subscribe to:
Posts (Atom)