DATE | NAME | Info | CATEG. | WEB |
30.4.24 | U.S. Government Releases New AI Security Guidelines for Critical Infrastructure | The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence | AI | The Hacker News |
30.4.24 | New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 | The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new | BigBrothers | The Hacker News |
30.4.24 | Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 | Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to | Virus | The Hacker News |
30.4.24 | China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale | A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain | APT | The Hacker News |
30.4.24 | Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM | It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever- | Security | The Hacker News |
30.4.24 | New R Programming Vulnerability Exposes Projects to Supply Chain Attacks | A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a | Vulnerability | The Hacker News |
30.4.24 | Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover | Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited | Vulnerability | The Hacker News |
30.4.24 | Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks | Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential | Hack | The Hacker News |
30.4.24 | Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw | Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven- | Vulnerability | The Hacker News |
30.4.24 | Bogus npm Packages Used to Trick Software Developers into Installing Malware | An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job | Virus | The Hacker News |
28.4.24 | Talos IR trends: BEC attacks surge, while weaknesses in MFA persist | Within BEC attacks, adversaries will send phishing emails appearing to be from a known or reputable source making a valid request, such as updating payroll direct deposit information. | Cyber blog | Cisco Blog |
28.4.24 | ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices | ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the perfect intrusion point for espionage-focused campaigns. | Malware blog | Cisco Blog |
28.4.24 | Suspected CoralRaider continues to expand victimology using three information stealers | Talos also discovered a new PowerShell command-line argument embedded in the LNK file to bypass anti-virus products and download the final payload into the victims’ host. | Malware blog | Cisco Blog |
28.4.24 | Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe | The investigation uncovered at least 40,000 phishing domains that were linked to LabHost and tricked victims into handing over their sensitive details | Phishing blog | Eset |
28.4.24 | Gripped by Python: 5 reasons why Python is popular among cybersecurity professionals | Python’s versatility and short learning curve are just two factors that explain the language’s 'grip' on cybersecurity | Cyber blog | Eset |
28.4.24 | What makes Starmus unique? A Q&A with award-winning filmmaker Todd Miller | The director of the Apollo 11 movie shares his views about the role of technology in addressing pressing global challenges, as well as why he became involved with Starmus | Security blog | Eset |
28.4.24 | The vision behind Starmus – A Q&A with the festival’s co-founder Garik Israelian | Dr. Israelian talks about Starmus's vision and mission, the importance of inspiring and engaging audiences, and a sense of community within the Starmus universe | Security blog | Eset |
28.4.24 | Protecting yourself after a medical data breach – Week in security with Tony Anscombe | What are the risks and consequences of having your health data exposed and what are the steps to take if it happens to you? | Security blog | Eset |
27.4.24 | Google Meet opens client-side encrypted calls to non Google users | Google is updating the client-side encryption mechanism for Google Meet to allow external participants, including those without Google accounts, to join encrypted calls. | Security | |
27.4.24 | Windows 11 KB5036980 update goes live with Start Menu ads | Microsoft has enabled Start menu ads in the optional KB5036980 preview cumulative update for Windows 11 22H2 and 23H2. | OS | |
27.4.24 | Ring customers get $5.6 million in privacy breach settlement | The Federal Trade Commission is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections. | BigBrothers | |
27.4.24 | Microsoft pulls fix for Outlook bug behind ICS security alerts | Microsoft reversed the fix for an Outlook bug causing erroneous security warnings after installing December 2023 security updates | OS | |
27.4.24 | CoralRaider attacks use CDN cache to push info-stealer malware | A threat actor has been using a content delivery network cache to store information-stealing malware in an ongoing campaign targeting systems in the U.S., the U.K., Germany, and Japan. | Virus | |
27.4.24 | Microsoft releases Exchange hotfixes for security update issues | Microsoft has released hotfix updates to address multiple known issues impacting Exchange servers after installing the March 2024 security updates. | OS | |
27.4.24 | US govt sanctions Iranians linked to government cyberattacks | The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies. | BigBrothers | |
27.4.24 | DPRK hacking groups breach South Korean defense contractors | The National Police Agency in South Korea issued an urgent warning today about North Korean hacking groups targeting defense industry entities to steal valuable technology information. | APT | |
27.4.24 | US imposes visa bans on 13 spyware makers and their families | The Department of State has started imposing visa restrictions on mercenary spyware makers and peddlers, prohibiting their entry into the United States, as announced earlier in February. | Virus | BleepingComputer |
26.4.24 | Severe Flaws Disclosed in Brocade SANnav SAN Management Software | Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances. The 18 flaws | Vulnerability | The Hacker News |
26.4.24 | New 'Brokewell' Android Malware Spread Through Fake Browser Updates | Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a | OS | The Hacker News |
26.4.24 | Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack | Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has | Vulnerability | The Hacker News |
26.4.24 | Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites | Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow | Exploit | The Hacker News |
26.4.24 | North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures | The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new | Virus | The Hacker News |
26.4.24 | DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions | The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called | Cryptocurrency | The Hacker News |
26.4.24 | Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny | Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address | Security | The Hacker News |
25.4.24 | State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage | A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed | APT | The Hacker News |
25.4.24 | U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks | The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for | BigBrothers | The Hacker News |
25.4.24 | Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike | Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver malware | APT | The Hacker News |
25.4.24 | Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users | Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious | Vulnerability | The Hacker News |
25.4.24 | eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners | A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors | Virus | The Hacker News |
24.4.24 | Hackers hijack antivirus updates to drop GuptiMiner malware | North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware. | Virus | |
24.4.24 | UnitedHealth confirms it paid ransomware gang to stop data leak | The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February. | Ransom | |
24.4.24 | Microsoft: APT28 hackers exploit Windows flaw reported by NSA | Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg. | APT | |
24.4.24 | Synlab Italia suspends operations following ransomware attack | Synlab Italia has suspended all its medical diagnostic and testing services after a ransomware attack forced its IT systems to be taken offline. | Ransom | |
24.4.24 | GitLab affected by GitHub-style CDN flaw allowing malware hosting | BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion. | Virus | |
24.4.24 | Russian Sandworm hackers targeted 20 critical orgs in Ukraine | Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team (CERT-UA). | BigBrothers | BleepingComputer |
24.4.24 | CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers | A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and | Virus | The Hacker News |
24.4.24 | Apache Cordova App Harness Targeted in Dependency Confusion Attack | Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness | Hack | The Hacker News |
24.4.24 | Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases | European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is | CyberCrime | The Hacker News |
24.4.24 | Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery | Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on | Ransom | The Hacker News |
24.4.24 | German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies | German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of | BigBrothers | The Hacker News |
23.4.24 | U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse | The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly | BigBrothers | The Hacker News |
23.4.24 | Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware | The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler | APT | The Hacker News |
23.4.24 | ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft | The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments | APT | The Hacker News |
23.4.24 | MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws | The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti | Exploit | The Hacker News |
22.4.24 | Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage | Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make its | AI | The Hacker News |
22.4.24 | Malware dev lures child exploiters into honeytrap to extort them | You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters doesn't make you feel bad for the victims. | Virus | |
22.4.24 | Ransomware payments drop to record low of 28% in Q1 2024 | Ransomware actors have had a rough start this year, as stats from cybersecurity firm Coveware show that the trend of victims declining to pay the cybercriminals continues and has now reached a new record low of 28%. | Ransom | |
22.4.24 | Critical Forminator plugin flaw impacts over 300k WordPress sites | The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server. | Vulnerability | |
22.4.24 | GitHub comments abused to push malware via Microsoft repo URLs | A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy. | Virus | BleepingComputer |
22.4.24 | New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth | A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs | Virus | The Hacker News |
20.4.24 | The Windows Registry Adventure #2: A brief history of the feature | Before diving into the low-level security aspects of the registry, it is important to understand its role in the operating system and a bit of history behind it. In essence, the registry is a hierarchical database made of named "keys" and "values", used by Windows and applications to store a variety of settings and configuration data. | Vulnerability blog | Project Zero |
20.4.24 | The Windows Registry Adventure #1: Introduction and research results | In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. | Vulnerability blog | Project Zero |
20.4.24 | Redline Stealer: A Novel Approach | Authored by Mohansundaram M and Neil Tyagi A new packed variant of the Redline Stealer trojan was... | Malware blog | Mcafee |
20.4.24 | OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal | The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. | Malware blog | Cisco Blog |
20.4.24 | Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials | Cisco Talos would like to acknowledge Brandon White of Cisco Talos and Phillip Schafer, Mike Moran, and Becca Lynch of the Duo Security Research team for their research that led to the identification of these attacks. Cisco Talos is actively monitoring a global increase in brute | Attack blog | Cisco Blog |
20.4.24 | The many faces of impersonation fraud: Spot an imposter before it’s too late | What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be? | Security blog | Eset |
20.4.24 | The ABCs of how online ads can impact children’s well-being | From promoting questionable content to posing security risks, inappropriate ads present multiple dangers for children. Here’s how to help them stay safe. | Security blog | Eset |
20.4.24 | Bitcoin scams, hacks and heists – and how to avoid them | Here’s how cybercriminals target cryptocurrencies and how you can keep your bitcoin or other crypto safe | Cryptocurrency blog | Eset |
19.4.24 | BlackTech Targets Tech, Research, and Gov Sectors with New 'Deuterbear' Tool | Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as | ||
19.4.24 | Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers | Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the | ||
19.4.24 | Fake cheat lures gamers into spreading infostealer malware | A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too. | Virus | |
19.4.24 | Frontier Communications shuts down systems after cyberattack | American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack. | Incident | |
19.4.24 | 840-bed hospital in France postpones procedures after cyberattack | The Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper. | Incident | |
19.4.24 | FBI: Akira ransomware raked in $42 million from 250+ victims | According to a joint advisory from the FBI, CISA, Europol's European Cybercrime Centre (EC3), and the Netherlands' National Cyber Security Centre (NCSC-NL), the Akira ransomware operation has breached the networks of over 250 organizations and raked in roughly $42 million in ransom payments. | Ransom | |
19.4.24 | Google ad impersonates Whales Market to push wallet drainer malware | A legitimate-looking Google Search advertisement for the crypto trading platform 'Whales Market' redirects visitors to a wallet-draining phishing site that steals all of your assets. | Virus | |
19.4.24 | LabHost phishing service with 40,000 domains disrupted, 37 arrested | The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer. | Phishing | |
19.4.24 | SoumniBot malware exploits Android bugs to evade detection | A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. | OS | BleepingComputer |
19.4.24 | Hackers Target Middle East Governments with Evasive "CR4T" Backdoor | Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor | Virus | The Hacker News |
19.4.24 | OfflRouter Malware Evades Detection in Ukraine for Almost a Decade | Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its | Virus | The Hacker News |
19.4.24 | FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor | The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive | APT | The Hacker News |
18.4.24 | Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks | In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities. | Cryptocurrency | |
18.4.24 | FIN7 targets American automaker’s IT staff in phishing attacks | The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. | Phishing | |
18.4.24 | Moldovan charged for operating botnet used to push ransomware | The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States. | Ransom | |
18.4.24 | Cisco discloses root escalation flaw with public exploit code | Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root. | Exploit | |
18.4.24 | Russian Sandworm hackers pose as hacktivists in water utility breaches | The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. | APT | |
18.4.24 | Multiple botnets exploiting one-year-old TP-Link flaw to hack routers | At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year. | BotNet | |
18.4.24 | New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks | A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the | OS | The Hacker News |
18.4.24 | Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide | As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost | Phishing | The Hacker News |
18.4.24 | DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware | New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go. | Virus | Securelist |
18.4.24 | Using the LockBit builder to generate targeted ransomware | The LockBit 3.0 builder has significantly simplified creating customized ransomware. The image below shows the files that constitute it. As we can see, keygen.exe generates public and private keys used for encryption and decryption. After that, builder.exe generates the variant according to the options set in the config.json file. | Ransom | Securelist |
18.4.24 | SoumniBot: the new Android banker’s unique techniques | The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very popular among malicious actors who attack mobile devices. | Virus | Securelist |
18.4.24 | Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes | Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes | Exploit | The Hacker News |
18.4.24 | Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor | A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a | Virus | The Hacker News |
18.4.24 | Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks | A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern | APT | The Hacker News |
17.4.24 | UK e-visa rollout starts today for millions: no more physical immigration cards | Starting today, millions living in the UK will receive email invitations to sign up for an e-visa account that will replace their physical immigration documents like Biometric Residence Permits (BRPs). The move is, according to the Home Office, "a key step in creating a modernised and digital border." | Security | |
17.4.24 | T-Mobile, Verizon workers get texts offering $300 for SIM swaps | Criminals are now texting T-Mobile and Verizon employees on their personal and work phones, trying to tempt them with cash to perform SIM swaps. | Mobile | |
17.4.24 | Cerebral to pay $7 million settlement in Facebook pixel data leak case | The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. | Incident | |
17.4.24 | Ivanti warns of critical flaws in its Avalanche MDM solution | Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. | Exploit | |
17.4.24 | Exploit released for Palo Alto PAN-OS bug used in attacks, patch now | Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. | Vulnerability | |
17.4.24 | Google to crack down on third-party YouTube apps that block ads | YouTube announced yesterday that third-party applications that block ads while watching YouTube videos violate its Terms of Service (ToS), and it will soon start taking action against the apps. | Security | |
17.4.24 | Cisco warns of large-scale brute-force attacks against VPN services | Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. | Hack | |
17.4.24 | PuTTY SSH client flaw allows recovery of cryptographic private keys | A vulnerability tracked as CVE-2024-31497 in PuTTY 0.68 through 0.80 could potentially allow attackers with access to 60 cryptographic signatures to recover the private key used for their generation. | Vulnerability | |
17.4.24 | UnitedHealth: Change Healthcare cyberattack caused $872 million loss | UnitedHealth Group reported an $872 million impact on its Q1 earnings due to the ransomware attack disrupting the U.S. healthcare system since February. | Incident | BleepingComputer |
17.4.24 | Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials | Cisco Talos is actively monitoring a global increase in brute-force attacks against a variety of targets, including Virtual Private Network (VPN) services, web application authentication interfaces and SSH services since at least March 18, 2024. | Hack | CISCO TALOS |
17.4.24 | Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread | Last year, a command injection vulnerability, CVE-2023-1389, was disclosed and a fix developed for the web management interface of the TP-Link Archer AX21 (AX1800). | Exploit | FORTINET |
17.4.24 | Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware | Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks | Ransom | The Hacker News |
17.4.24 | Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign | Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient | Vulnerability | The Hacker News |
17.4.24 | Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services | Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) | Hack | The Hacker News |
16.4.24 | OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt | Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes | Security | The Hacker News |
16.4.24 | TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks | The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range | Virus | The Hacker News |
16.4.24 | AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs | New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud | Security | The Hacker News |
16.4.24 | Ransomware gang starts leaking alleged stolen Change Healthcare data | The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company. | Ransom | |
16.4.24 | New SteganoAmor attacks use steganography to target 320 orgs globally | A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems. | Hack | |
16.4.24 | Microsoft will limit Exchange Online bulk emails to fight spam | Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025. | Spam | |
16.4.24 | Crypto miner arrested for skipping on $3.5 million in cloud server bills | The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills. | Cryptocurrency | |
16.4.24 | Chipmaker Nexperia confirms breach after ransomware gang leaks data | Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data. | Incident | |
16.4.24 | Daixin ransomware gang claims attack on Omni Hotels | The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening to publish customers' sensitive information if a ransom is not paid. | Ransom | |
16.4.24 | Cisco Duo warns third-party data breach exposed SMS MFA logs | Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider. | Incident | |
16.4.24 | Palo Alto Networks fixes zero-day exploited to backdoor firewalls | Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls. | Vulnerability | |
16.4.24 | Microsoft lifts Windows 11 block on some Intel systems after 2 years | Microsoft has finally lifted a compatibility hold blocking Windows 11 upgrades on systems with Intel 11th Gen Core processors and Intel Smart Sound Technology (SST) audio drivers. | OS | |
16.4.24 | OpenTable won't add first names, photos to old reviews after backlash | OpenTable has reversed its decision to show members' first names and profile pictures in past anonymous reviews after receiving backlash from members who felt it was a breach of privacy. | Security | BleepingComputer |
16.4.24 | Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack | The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from | Vulnerebility | The Hacker News |
16.4.24 | FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations | The U.S. Federal Trade Commission (FTC) has ordered the mental telehealth company Cerebral from using or disclosing personal data | BigBrothers | The Hacker News |
16.4.24 | Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown | Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a | Virus | The Hacker News |
16.4.24 | Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw | A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained | Vulnerebility | The Hacker News |
16.4.24 | Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks | The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and | APT | The Hacker News |
15.4.24 | Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users | Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of | OS | The Hacker News |
15.4.24 | Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability | Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come | Vulnerebility | The Hacker News |
14.4.24 | Firebird RAT creator and seller arrested in the U.S. and Australia | A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the "Firebird" remote access trojan (RAT), later rebranded as "Hive." | Virus | |
14.4.24 | Hacker claims Giant Tiger data breach, leaks 2.8M records online | Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers. | Incindent | |
14.4.24 | Palo Alto Networks zero-day exploited since March to backdoor firewalls | Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. | Exploit | |
14.4.24 | UK flooded with forged stamps despite using barcodes — to prevent just that | Royal Mail, the British postal and courier service, began switching all snail mail stamps to barcoded stamps last year. The purpose of the barcode was to enhance security, deter stamp reuse, and possibly prevent forgeries—which it has failed to do. | Hack | |
14.4.24 | FBI warns of massive wave of road toll SMS phishing attacks | On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees. | Phishing | |
14.4.24 | Telegram fixes Windows app zero-day used to launch Python scripts | Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. | Vulnerebility | |
14.4.24 | Ex-Amazon engineer gets 3 years for hacking crypto exchanges | Former Amazon security engineer Shakeeb Ahmed was sentenced to three years in prison for hacking two cryptocurrency exchanges in July 2022 and stealing over $12 million. | Cryptocurrency | |
14.4.24 | Roku warns 576,000 accounts hacked in new credential stuffing attacks | Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March. | Incindent | |
14.4.24 | Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks | Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. | Exploit | |
14.4.24 | CISA makes its "Malware Next-Gen" analysis system publicly available | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA. | BigBrothers | |
14.4.24 | OpenTable is adding your first name to previously anonymous reviews | Restaurant reservation platform OpenTable says that all reviews on the platform will no longer be fully anonymous starting May 22nd and will now show members' profile pictures and first names. | Incindent | |
14.4.24 | LastPass: Hackers targeted employee in failed deepfake CEO call | LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company's Chief Executive Officer. | Phishing | |
14.4.24 | Optics giant Hoya hit with $10 million ransomware demand | A recent cyberattack on Hoya Corporation was conducted by the 'Hunters International' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack. | Ransom | BleepingComputer |
14.4.24 | CISA orders agencies impacted by Microsoft hack to mitigate risks | CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. | BigBrothers | |
14.4.24 | Intel and Lenovo servers impacted by 6-year-old BMC flaw | An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been overlooked by many device vendors, including Intel and Lenovo. | Vulnerebility | |
14.4.24 | CISA says Sisense hack impacts critical infrastructure orgs | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations. | BigBrothers | BleepingComputer |
14.4.24 | Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts | A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized | CyberCrime | The Hacker News |
13.4.24 | U.S. Treasury Sanctions Hamas Spokesperson for Cyber Influence Operations | The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official | BigBrothers | The Hacker News |
13.4.24 | Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack | Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March | Virus | The Hacker News |
13.4.24 | Apple: Mercenary spyware attacks target iPhone users in 92 countries | Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device. | OS | |
13.4.24 | DuckDuckGo launches a premium Privacy Pro VPN service | DuckDuckGo has launched a new paid-for 3-in-1 subscription service called 'Privacy Pro,' which includes a virtual private network (VPN), a personal data removal service, and an identity theft restoration solution. | Safety | |
13.4.24 | Chrome Enterprise gets Premium security but you have to pay for it | Google has announced a new version of its browser for organizations, Chrome Enterprise Premium, which comes with extended security controls for a monthly fee per user. | Security | |
13.4.24 | Google Workspace rolls out multi-admin approval feature for risky changes | Google is rolling out a new Workspace feature that requires multiple admins to approve high-risk setting changes to prevent unauthorized or accidental modifications that could reduce security. | Security | |
13.4.24 | New Spectre v2 attack impacts Linux systems on Intel CPUs | Researchers have demonstrated the "first native Spectre v2 exploit" for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors. | Attack | |
13.4.24 | Malicious PowerShell script pushing malware looks AI-written | A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot. | AI | |
13.4.24 | AT&T now says data breach impacted 51 million customers | AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained. | Incindent | |
13.4.24 | Malicious Visual Studio projects on GitHub push Keyzetsu malware | Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. | Virus | |
13.4.24 | Microsoft fixes two Windows zero-days exploited in malware attacks | Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. | Exploit | |
13.4.24 | Critical Rust flaw enables Windows command injection attacks | Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks. | OS | BleepingComputer |
13.4.24 | Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400 | Palo Alto Networks and Unit 42 are engaged in tracking activity related to CVE-2024-3400 and are working with external researchers, partners and customers to share information transparently and rapidly. | Vulnerebility blog | Palo Alto |
13.4.24 | Muddled Libra’s Evolution to the Cloud | Unit 42 researchers have discovered that the Muddled Libra group now actively targets software-as-a-service (SaaS) applications and cloud service provider (CSP) environments. | APT blog | Palo Alto |
13.4.24 | Starry Addax targets human rights defenders in North Africa with new malware | Cisco Talos is disclosing a new threat actor we deemed “Starry Addax” targeting mostly human rights activists, associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware. | Malware blog | Cisco Blog |
13.4.24 | Vulnerability in some TP-Link routers could lead to factory reset | There are also two out-of-bounds write vulnerabilities in the AMD Radeon user mode driver for DirectX 11. | Vulnerebility blog | Cisco Blog |
13.4.24 | eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe | Almost 400 people in India and Pakistan have fallen victim to an ongoing Android espionage campaign called eXotic Visit | Malware blog | Eset |
13.4.24 | Beyond fun and games: Exploring privacy risks in children’s apps | Should children’s apps come with ‘warning labels’? Here's how to make sure your children's digital playgrounds are safe places to play and learn. | Security blog | Eset |
13.4.24 | eXotic Visit campaign: Tracing the footprints of Virtual Invaders | ESET researchers uncovered the eXotic Visit espionage campaign that targets users mainly in India and Pakistan with seemingly innocuous apps | Cyber blog | Eset |
13.4.24 | 7 reasons why cybercriminals want your personal data | Here's what drives cybercriminals to relentlessly target the personal information of other people – and why you need to guard your data like your life depends on it | Cyber blog | Eset |
13.4.24 | XZ backdoor story – Initial analysis | A single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux. | Virus | Securelist |
13.4.24 | Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files | "Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from | Virus | The Hacker News |
12.4.24 | Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign | The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called | APT | The Hacker News |
12.4.24 | Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack | Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited | Vulnerebility | The Hacker News |
12.4.24 | Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker | Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an | CyberCrime | The Hacker News |
12.4.24 | U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal | BigBrothers | The Hacker News |
12.4.24 | TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer | A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as | Phishing | The Hacker News |
11.4.24 | Critical Rust flaw enables Windows command injection attacks | Threat actors can exploit a security vulnerability in the Rust standard library to target Windows systems in command injection attacks. | Vulnerebility | |
11.4.24 | Windows 10 KB5036892 update released with 23 new fixes, changes | Microsoft has released the KB5036892 cumulative update for Windows 10 21H2 and Windows 10 22H2 with twenty-three changes and two new features. | OS | |
11.4.24 | GHC-SCW: Ransomware gang stole health data of 533,000 people | Non-profit healthcare service provider Group Health Cooperative of South Central Wisconsin (GHC-SCW) has disclosed that a ransomware gang breached its network in January and stole documents containing the personal and medical information of over 500,000 individuals. | Ransom | |
11.4.24 | Windows 11 KB5036893 update released with 29 changes, Moment 5 features | Microsoft has released the KB5036893 cumulative update for Windows 11 23H3, which includes 29 changes and fixes and enables the Moment 5 features for every user. | OS | |
11.4.24 | Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs | Today is Microsoft's April 2024 Patch Tuesday, which includes security updates for 150 flaws and sixty-seven remote code execution bugs. | OS | |
11.4.24 | RUBYCARP hackers linked to 10-year-old cryptomining botnet | A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain. | Cryptocurrency | |
11.4.24 | Implementing container security best practices using Wazuh | Maintaining visibility into container hosts, ensuring best practices, and conducting vulnerability assessments are necessary to ensure effective security. In this article Wazuh explores how its software can help implement best security practices for containerized environments. | Security | |
11.4.24 | New SharePoint flaws help hackers evade detection when stealing files | Researchers have discovered two techniques that could enable attackers to bypass audit logs or generate less severe entries when downloading files from SharePoint. | Vulnerebility | |
11.4.24 | Over 90,000 LG Smart TVs may be exposed to remote attacks | Security researchers at Bitdefender have discovered four vulnerabilities impacting multiple versions of WebOS, the operating system used in LG smart TVs. | Hack | |
11.4.24 | Targus discloses cyberattack after hackers detected on file servers | Laptop and tablet accessories maker Targus disclosed that it suffered a cyberattack disrupting operations after a threat actor gained access to the company's file servers. | Hack | |
11.4.24 | Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks | Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage (NAS) devices exposed online and unpatched against a critical remote code execution (RCE) zero-day flaw. | Vulnerebility | |
11.4.24 | Hackers deploy crypto drainers on thousands of WordPress sites | Almost 2,000 hacked WordPress sites now display fake NFT and discount pop-ups to trick visitors into connecting their wallets to crypto drainers that automatically steal funds. | Cryptocurrency | |
11.4.24 | Cyberattack on UK’s CVS Group disrupts veterinary operations | UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. | Incindent | |
11.4.24 | Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks | Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it | OS | The Hacker News |
11.4.24 | Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability | Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve | Vulnerebility | The Hacker News |
11.4.24 | 'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan | An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India | OS | The Hacker News |
11.4.24 | Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files | Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious | Virus | The Hacker News |
11.4.24 | Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware | Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular | Spam | The Hacker News |
10.4.24 | Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel | Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems | Exploit | The Hacker News |
10.4.24 | Microsoft Fixes 149 Flaws in Huge April Patch Release, Zero-Days Included | Microsoft has released security updates for the month of April 2024 to remediate a record 149 flaws, two of which have come under | OS | The Hacker News |
10.4.24 | Critical 'BatBadBut' Rust Vulnerability Exposes Windows Systems to Attacks | A critical security flaw in the Rust standard library could be exploited to target Windows users and stage command injection | Exploit | The Hacker News |
9.4.24 | 10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet | A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying | BotNet | The Hacker News |
9.4.24 | Hackers Targeting Human Rights Activists in Morocco and Western Sahara | Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks | Phishing | The Hacker News |
9.4.24 | Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access | Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass | Vulnerebility | The Hacker News |
9.4.24 | Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing | Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a | Virus | The Hacker News |
9.4.24 | Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks | Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D- | Vulnerebility | The Hacker News |
9.4.24 | Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks | Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption | Safety | The Hacker News |
8.4.24 | Notepad++ needs your help in "parasite website" shutdown | The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. There is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam someday either deliberately or as a result of a hijack. | CyberCrime | |
8.4.24 | The new features coming in Windows 11 24H2, expected this fall | Windows 11 24H2 is set to arrive on existing devices this fall with several new features, mostly Copilot-related improvements. | OS | |
8.4.24 | Home Depot confirms third-party data breach exposed employee info | Home Depot has confirmed that it suffered a data breach after one of its SaaS vendors mistakenly exposed a small sample of limited employee data, which could potentially be used in targeted phishing attacks. | Incindent | |
8.4.24 | New Windows driver blocks software from changing default web browser | Microsoft is now using a Windows driver to prevent users from changing the configured Windows 10 and Windows 11 default browser through software or by manually modifying the Registry. | OS | |
8.4.24 | Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox | Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns | Virus | The Hacker News |
8.4.24 | Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme | A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted | Phishing | The Hacker News |
8.4.24 | Google Sues App Developers Over Fake Crypto Investment App Scam | Google has filed a lawsuit against two app developers for engaging in an "international online consumer investment fraud | Cryptocurrency | The Hacker News |
7.4.24 | US Health Dept warns hospitals of hackers targeting IT help desks | The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector. | Hack | |
7.4.24 | Over 92,000 exposed D-Link NAS devices have a backdoor account | A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models. | Virus | |
7.4.24 | Recent Windows updates break Microsoft Connected Cache delivery | Microsoft says Windows 10 updates released since the start of the year are breaking Microsoft Connected Cache (MCC) node discovery on enterprise networks. | OS | |
7.4.24 | The Week in Ransomware - April 5th 2024 - Virtual Machines under Attack | Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. | Ransom | |
7.4.24 | New Ivanti RCE flaw may impact 16,000 exposed VPN gateways | Approximately 16,500 Ivanti Connect Secure and Policy Secure gateways exposed on the internet are likely vulnerable to a remote code execution (RCE) flaw the vendor addressed earlier this week. | Vulnerebility | |
7.4.24 | Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors | Microsoft has fixed a known issue causing 0x80073cf2 errors when using the System Preparation (Sysprep) tool after installing November Windows 10 updates. | OS | |
7.4.24 | Fake Facebook MidJourney AI page promoted malware to 1.2 million people | Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. | AI | |
7.4.24 | Acuity confirms hackers stole non-sensitive govt data from GitHub repos | Acuity, a federal contractor that works with U.S. government agencies, has confirmed that hackers breached its GitHub repositories and stole documents containing old and non-sensitive data. | Incindent | |
7.4.24 | Panera Bread week-long IT outage caused by ransomware attack | Panera Bread's recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer. | Ransom | |
7.4.24 | New Latrodectus malware replaces IcedID in network breaches | A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023. | Virus | |
7.4.24 | Visa warns of new JSOutProx malware variant targeting financial orgs | Visa is warning about a spike in detections for a new version of the JsOutProx malware targeting financial institutions and their customers. | Virus | |
7.4.24 | Microsoft fixes Outlook security alerts bug caused by December updates | Microsoft has fixed an issue that triggers erroneous Outlook security alerts when opening .ICS calendar files after installing the December 2023 Outlook Desktop security updates | Vulnerebility | |
7.4.24 | Hoya’s optics production and orders disrupted by cyberattack | Hoya Corporation, one of the largest global manufacturers of optical products, says a "system failure" caused servers at some of its production plants and business divisions to go offline on Saturday. | Hack | |
7.4.24 | US cancer center data breach exposes info of 827,000 patients | Cancer treatment and research center City of Hope is warning that a data breach exposed the sensitive information of over 820,000 patients. | Incindent | BleepingComputer |
7.4.24 | Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites | Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The | Exploit | The Hacker News |
7.4.24 | AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks | New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks | AI | The Hacker News |
6.4.24 | THE ILLUSION OF PRIVACY: GEOLOCATION RISKS IN MODERN DATING APPS | Dating apps often use location data to show users who are nearby and how far away they are. However, openly sharing distances can lead to security issues. Techniques like trilateration allow attackers to determine user coordinates using distance information. | BigBrother blog | Checkpoint |
6.4.24 | BEYOND IMAGINING – HOW AI IS ACTIVELY USED IN ELECTION CAMPAIGNS AROUND THE WORLD | Deepfake materials (convincing AI-generated audio, video, and images that deceptively fake or alter the appearance, voice, or actions of political candidates) are often disseminated shortly before election dates to limit the opportunity for fact-checkers to respond. Regulations that ban political discussion on mainstream media in the hours leading up to elections allow unchallenged fake news to dominate the airwaves. | AI blog | Checkpoint |
6.4.24 | AGENT TESLA TARGETING UNITED STATES & AUSTRALIA: REVEALING THE ATTACKERS’ IDENTITIES | When considering a notoriously famous topic known for quite a long time, it may feel like there is nothing new to add to this area anymore – all paths traced, all words said, all “i”s dotted. Is it worth an investigation to begin with? As it turns out, there are new discoveries with previously hidden information of valuable significance that can be built into the already-painted picture. | Malware blog | Checkpoint |
6.4.24 | MALWARE SPOTLIGHT: LINODAS AKA DINODASRAT FOR LINUX | In recent months, Check Point Research (CPR) has been closely monitoring the activity of a Chinese-nexus cyber espionage threat actor who is focusing on Southeast Asia, Africa, and South America. | Malware blog | Checkpoint |
6.4.24 | CoralRaider targets victims’ data and social media accounts | Cisco Talos discovered a new threat actor we’re calling “CoralRaider” that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. | Social blog | Cisco Blog |
6.4.24 | Adversaries are leveraging remote access tools now more than ever — here’s how to stop them | While there are many legitimate uses for this software, adversaries are also finding ways to use them for command and control in their campaigns. | Malware blog | Cisco Blog |
6.4.24 | The devil is in the fine print – Week in security with Tony Anscombe | Temu's cash giveaway where people were asked to hand over vast amounts of their personal data to the platform puts the spotlight on the data-slurping practices of online services today | Security blog | Eset |
6.4.24 | How often should you change your passwords? | Answering this question is not as straightforward as it seems. Here’s what you should consider when it comes to keeping your accounts safe. | Security blog | Eset |
6.4.24 | Malware hiding in pictures? More likely than you think | There is more to some images than meets the eye – their seemingly innocent façade can mask a sinister threat. | Malware blog | Eset |
6.4.24 | The Biggest Takeaways from Recent Malware Attacks | Recent high-profile malware attacks teach us lessons on limiting malware risks at organizations. Learn more from Blink Ops about what these attacks taught us. | Virus | |
6.4.24 | Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack | The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key. | BigBrothers | |
6.4.24 | SurveyLama data breach exposes info of 4.4 million users | Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users. | Incindent | |
6.4.24 | Omni Hotels confirms cyberattack behind ongoing IT outage | Omni Hotels & Resorts has confirmed a cyberattack caused a nationwide IT outage that is still affecting its locations. | Incindent | |
6.4.24 | Hosting firm's VMware ESXi servers hit by new SEXi ransomware | Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. | Ransom | |
6.4.24 | Jackson County in state of emergency after ransomware attack | Jackson County, Missouri, is in a state of emergency after a ransomware attack took down some county services on Tuesday. | Ransom | |
6.4.24 | US State Department investigates alleged theft of government data | The U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor. | BigBrothers | |
6.4.24 | Critical flaw in LayerSlider WordPress plugin impacts 1 million sites | A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin. | Vulnerability | |
6.4.24 | Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks | IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. | Vulnerability | |
6.4.24 | Google fixes one more Chrome zero-day exploited at Pwn2Own | Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. | Vulnerability | |
6.4.24 | AT&T faces lawsuits over data breach affecting 73 million customers | AT&T is facing multiple class-action lawsuits following the company's admission to a massive data breach that exposed the sensitive data of 73 million current and former customers. | Incident | |
6.4.24 | Google fixes two Pixel zero-day flaws exploited by forensics firms | Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them. | Vulnerability | |
5.4.24 | From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware | Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The | Virus | The Hacker News |
5.4.24 | New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA | Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an | Virus | The Hacker News |
5.4.24 | Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws | Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances | Vulnerability | The Hacker News |
5.4.24 | Vietnam-Based Hackers Steal Financial Data Across Asia with Malware | A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries | APT | The Hacker News |
5.4.24 | New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware | An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the | Phishing | The Hacker News |
4.4.24 | Microsoft warns Gmail blocks some Outlook email as spam, shares fix | Microsoft has confirmed that some Outlook.com users are experiencing issues with emails being blocked and marked as spam when trying to email Gmail accounts. | Vulnerability | |
4.4.24 | Winnti's new UNAPIMON tool hides malware from security software | The Chinese 'Winnti' hacking group was found using a previously undocumented malware called UNAPIMON to let malicious processes run without being detected. | APT | |
4.4.24 | Omni Hotels experiencing nationwide IT outage since Friday | Omni Hotels & Resorts has been experiencing a chain-wide outage that brought down its IT systems on Friday, impacting reservation, hotel room door lock, and point-of-sale (POS) systems. | Incident | |
4.4.24 | New Chrome feature aims to stop hackers from using stolen cookies | Google announced a new Chrome security feature called 'Device Bound Session Credentials' that ties cookies to a specific device, blocking hackers from stealing and using them to hijack users' accounts. | Safety | |
4.4.24 | Google agrees to delete Chrome browsing data of 136 million users | Google has agreed to delete billions of data records collected from 136 million Chrome users in the United States, as part of a lawsuit settlement regarding alleged undisclosed browser data collection while in Incognito mode. | Security | |
4.4.24 | Russia charges suspects behind theft of 160,000 credit cards | Russia's Prosecutor General's Office has announced the indictment of six suspected "hacking group" members for using malware to steal credit card and payment information from foreign online stores. | CyberCrime | |
4.4.24 | New XZ backdoor scanner detects implant in any Linux binary | Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094. | Virus | |
4.4.24 | India rescues 250 citizens enslaved by Cambodian cybercrime gang | The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived. | CyberCrime | |
4.4.24 | Google now blocks spoofed emails for better phishing protection | Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks. | Phishing | |
4.4.24 | OWASP discloses data breach caused by wiki misconfiguration | The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. | Incident | |
4.4.24 | Yacht retailer MarineMax discloses data breach after cyberattack | MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack. | Incident | |
4.4.24 | FTC: Americans lost $1.1 billion to impersonation scams in 2023 | Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020. | Spam | |
4.4.24 | Shopping platform PandaBuy data leak impacts 1.3 million users | Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. | Incident | |
4.4.24 | DinodasRAT malware targets Linux servers in espionage campaign | Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known as XDealer) that may have been operating since 2022. | Virus | |
4.4.24 | New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks | New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service | Hack | The Hacker News |
4.4.24 | Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure | Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could | Vulnerability | The Hacker News |
4.4.24 | Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies | Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic | OS | The Hacker News |
4.4.24 | U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers | The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of | APT | The Hacker News |
3.4.24 | Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks | Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users | Safety | The Hacker News |
3.4.24 | Mispadu Trojan Targets Europe, Thousands of Credentials Compromised | The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to | Virus | The Hacker News |
3.4.24 | Critical Security Flaw Found in Popular LayerSlider WordPress Plugin | A critical security flaw impacting the LayerSlider plugin for WordPress could be abused to extract sensitive information from | Vulnerability | The Hacker News |
2.4.24 | Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution | The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also | Virus | The Hacker News |
2.4.24 | China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations | A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the | APT | The Hacker News |
2.4.24 | Google to Delete Billions of Browsing Records in 'Incognito Mode' Privacy Lawsuit Settlement | Google has agreed to purge billions of data records reflecting users' browsing activities to settle a class action lawsuit that claimed the | Security | The Hacker News |
2.4.24 | Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors | The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in | Virus | The Hacker News |
1.4.24 | Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia | The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into | BigBrothers | The Hacker News |
1.4.24 | Detecting Windows-based Malware Through Better Visibility | Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These | Virus | The Hacker News |
1.4.24 | Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals | Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other | OS | The Hacker News |
1.4.24 | Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities | The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection | OS | The Hacker News |