DATE

NAME

Info

CATEG.

WEB

Trend Micro

Trend Micro

Trend Micro

Trend Micro

Deceptive Delight: Jailbreak LLMs Through Camouflage and Distraction

Jumpy Pisces Engages in Play Ransomware

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

Eset

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

The Hacker News

Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans

Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called

Phishing

The Hacker News

Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers

Details have emerged about a now-patched security flaw in Styra's Open Policy Agent ( OPA ) that, if successfully exploited, could have

Vulnerebility

The Hacker News

Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks

Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances,

Cryptocurrency

The Hacker News

Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have

Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor

Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest

Virus

The Hacker News

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for

Vulnerebility

The Hacker News

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to

Vulnerebility

The Hacker News

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. "The

Vulnerebility

The Hacker News

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail

Exploit

The Hacker News

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not

APT

The Hacker News

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government

Ransom

The Hacker News

U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign

Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by

ICS

The Hacker News

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver

Virus

The Hacker News

Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser

Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in

Vulnerebility

The Hacker News

Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant

The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies

APT

The Hacker News

Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program

Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after

Ransom

The Hacker News

SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack

An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile

APT

The Hacker News

U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks

Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire

BigBrothers

The Hacker News

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root

Vulnerebility

The Hacker News

Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity

Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response

Hack

The Hacker News

North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware

The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows

Virus

The Hacker News

Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by

Virus

The Hacker News

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow

Vulnerebility

The Hacker News

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web

Exploit

The Hacker News

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's

Virus

The Hacker News

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a

Virus

The Hacker News

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of

Virus

The Hacker News

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

APT

The Hacker News

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate

Virus

The Hacker News

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow

Vulnerebility

The Hacker News

Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration

A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-

APT

The Hacker News

Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware

Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog

Vulnerebility

The Hacker News

OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf

The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the

APT

The Hacker News

FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation

The U.S. Department of Justice (DoJ) has announced arrests and charges against several individuals and entities in connection with

Cryptocurrency

The Hacker News

Ireland fines Meta €91 million for storing passwords in plaintext

The Data Protection Commission (DPC) in Ireland has fined Meta Platforms Ireland Limited (MPIL) €91 million ($100 million) for storing in plaintext passwords of hundreds of millions of users.

BigBrothers

BleepingComputer

Iranian hackers charged for ‘hack-and-leak’ plot to influence election

The U.S. Department of Justice unsealed an indictment charging three Iranian hackers with a "hack-and-leak" campaign that aimed to influence the 2024 U.S. presidential election.

BigBrothers

BleepingComputer

U.S. charges Joker's Stash and Rescator money launderers

The U.S. Department of Justice (DoJ) has announced charges against two Russian nationals for operating billion-dollar money laundering services for cybercriminals, including ransomware groups.

BigBrothers

BleepingComputer

Microsoft: Windows Recall now can be removed, is more secure

Microsoft has announced security and privacy upgrades to its AI-powered Windows Recall feature, which now can be removed and has stronger default protection for user data and tighter access controls.

AI

BleepingComputer

Embargo ransomware escalates attacks to cloud environments

Microsoft warns that ransomware threat actor Storm-0501 has recently switched tactics and now targets hybrid cloud environments, expanding its strategy to compromise all victim assets.

Ransom

BleepingComputer

Progress urges admins to patch critical WhatsUp Gold bugs ASAP

Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible.

Vulnerebility

BleepingComputer

Windows 11 KB5043145 update released with 13 changes and fixes

Microsoft released the September 2024 preview update (KB5043145) for Windows 11 23H2 and 22H2, with 13 improvements and fixes for multiple issues, including Edge and task manager freezes.

OS

BleepingComputer

CUPS flaws enable Linux remote code execution, but there’s a catch

Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines.

Vulnerebility

BleepingComputer

Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign

Cybersecurity researchers have discovered a malicious Android app on the Google Play Store that enabled the threat actors behind it to

Cryptocurrency

The Hacker News

Threat landscape for industrial automation systems, Q2 2024

In this report, we share statistics on threats to industrial control systems in Q2 2024, including statistics by region, industry, malware and other threat types

ICS

Securelist

New RomCom malware variant 'SnipBot' spotted in data theft attacks

A new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems.

Virus

BleepingComputer

Kia dealer portal flaw could let attackers hack millions of cars

A group of security researchers discovered critical flaws in Kia's dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle's license plate.

Hack

BleepingComputer

Tails OS merges with Tor Project for better privacy, security

The Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship.

OS

BleepingComputer

US sanctions crypto exchanges used by Russian ransomware gangs

The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned PM2BTC and Cryptex, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and other cybercrime groups.

Cryptocurrency

BleepingComputer

Automattic blocks WP Engine’s access to WordPress resources

WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers.

Security

BleepingComputer

U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes

U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic

BigBrothers

The Hacker News

Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now

Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical

Vulnerebility

The Hacker News

Evolved Exploits Call for AI-Driven ASRM + XDR

AI-driven insights for managing emerging threats and minimizing organizational risk

AI blog

Trend Micro

Cybersecurity Compass: Bridging the Communication Gap

Discover how to use the Cybersecurity Compass to foster effective conversations about cybersecurity strategy between non-technical and technical audiences, focusing on the phases of before, during, and after a breach.

Cyber blog

Trend Micro

2024 SonicWall Threat Brief: Healthcare’s Escalating Cybersecurity Challenge

SonicWall’s 2024 Healthcare Threat Brief reveals at least 14 million U.S. patients affected by malware breaches, as outdated systems leave healthcare providers vulnerable to evolving ransomware threats - underscoring the need for MSPs/MSSPs.

Ransom blog

SonicWall

Secure Access Unlocked: Exploring WNM 4.5 and Service Provider Monthly Program

Learn about exciting updates in WNM 4.5 plus new additions to our service provider program!

Security blog

SonicWall

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

Unit 42 researchers have been tracking the activity of an ongoing poisoned Python packages campaign delivering Linux and macOS backdoors via infected Python software packages. We’ve named these infected software packages PondRAT.

Malware blog

Palo Alto

Inside SnipBot: The Latest RomCom Malware Variant

We recently discovered a novel version of the RomCom malware family called SnipBot and, for the first time, show post-infection activity from the attacker on a victim system.

Malware blog

Palo Alto

Investigating Infrastructure and Tactics of Phishing-as-a-Service Platform Sniper Dz

We have been monitoring a widely popular phishing-as-a-service (PhaaS) platform named Sniper Dz that primarily targets popular social media platforms and online services. A large number of phishers could be using this platform to launch phishing attacks, since the group behind this kit has thousands of subscribers on its Telegram channel.

Phishing blog

Palo Alto

Unraveling Sparkling Pisces’s Tool Set: KLogEXE and FPSpy

Unit 42 researchers discovered two malware samples used by the Sparkling Pisces (aka Kimsuky) threat group. This includes an undocumented keylogger, called KLogEXE by its authors, and an undocumented variant of a backdoor dubbed FPSpy.

Malware blog

Palo Alto

Wallet Scam: A Case Study in Crypto Drainer Tactics

Check Point Research (CPR) uncovered a malicious app on Google Play designed to steal cryptocurrency marking the first time a drainer has targeted mobile device users exclusively. The app used a set of evasion techniques to avoid detection and remained available for nearly five months before being removed.

Cryptocurrency blog

Checkpoint

10 Years of DLL Hijacking, and What We Can Do to Prevent 10 More

DLL Hijacking — a technique for forcing legitimate applications to run malicious code — has been in use for about a decade at least. In this write-up we give a short introduction to the technique of DLL Hijacking, followed by a digest of several dozen documented uses of that technique over the past decade as documented by MITRE.

Hacking blog

Checkpoint

Simple Mail Transfer Pirates: How threat actors are abusing third-party infrastructure to send spam

Many spammers have elected to attack web pages and mail servers of legitimate organizations, so they may use these “pirated” resources to send unsolicited email.

Spam blog

Cisco Blog

Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023

ESET Research has conducted a comprehensive technical analysis of Gamaredon’s toolset used to conduct its cyberespionage activities focused in Ukraine

BigBrother blog

Eset

Don’t panic and other tips for staying safe from scareware

Keep your cool, arm yourself with the right knowledge, and other tips for staying unshaken by fraudsters’ scare tactics

Spam blog

Eset

Time to engage: How parents can help keep their children safe on Snapchat

Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app

Social blog

Eset

Fake WalletConnect app on Google Play steals Android users’ crypto

A crypto draining app mimicking the legitimate 'WalletConnect' project has been distributed over Google Play for five months getting more than 10,000 downloads.

Cryptocurrency

BleepingComputer

HPE Aruba Networking fixes critical flaws impacting Access Points

HPE Aruba Networking has fixed three critical vulnerabilities in the Command Line Interface (CLI) service of its Aruba Access Points, which could let unauthenticated attackers gain remote code execution on vulnerable devices.

Vulnerebility

BleepingComputer

Google sees 68% drop in Android memory safety flaws over 5 years

The percentage of Android vulnerabilities caused by memory safety issues has dropped from 76% in 2019 to only 24% in 2024, representing a massive decrease of over 68% in five years.

OS

BleepingComputer

CISA: Hackers target industrial systems using “unsophisticated methods”

​CISA warned today of threat actors trying to breach critical infrastructure networks by targeting Internet-exposed industrial devices using "unsophisticated" methods like brute force attacks and default credentials.

Hack

BleepingComputer

Windows 10 KB5043131 update released with 9 changes and fixes

Microsoft has released the September 2024 non-security preview update for Windows 10, version 22H2, with fixes for bugs causing Edge web browser freezes and media playback issues.

OS

BleepingComputer

AutoCanada says ransomware attack "may" impact employee data

AutoCanada is warning that employee data may have been exposed in an August cyberattack claimed by the Hunters International ransomware gang.

Ransom

BleepingComputer

Kansas water plant cyberattack forces switch to manual operations

Arkansas City, a small city in Cowley County, Kansas, was forced to switch its water treatment facility to manual operations over the weekend to contain a cyberattack detected on Sunday morning.

Hack

BleepingComputer

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

A new set of security vulnerabilities has been disclosed in the OpenPrinting Common Unix Printing System ( CUPS ) on Linux

Vulnerebility

The Hacker News

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the

APT

The Hacker News

New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka

Hack

The Hacker News

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national

BigBrothers

The Hacker News

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

A critical security flaw has been disclosed in the NVIDIA Container Toolkit that, if successfully exploited, could allow threat actors to

Vulnerebility

The Hacker News

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could

Hack

The Hacker News

N. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

Threat actors with ties to North Korea have been observed leveraging two new malware strains dubbed KLogEXE and FPSpy. The activity

APT

The Hacker News

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest

Virus

The Hacker News

U.S. govt agency CMS says data breach impacted 3.1 million people

The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of more than three million health plan beneficiaries was exposed in the MOVEit attacks Cl0p ransomware conducted last year.

Incindent

BleepingComputer

Infostealer malware bypasses Chrome’s new cookie-theft defenses

Infostealer malware developers released updates claiming to bypass Google Chrome's recently introduced feature App-Bound Encryption to protect sensitive data such as cookies.

Virus

BleepingComputer

Critical Ivanti vTM auth bypass bug now exploited in attacks

CISA has tagged another critical Ivanti security vulnerability, which can let threat actors create rogue admin users on vulnerable Virtual Traffic Manager (vTM) appliances, as actively exploited in attacks.

Vulnerebility

BleepingComputer

Hackers deploy AI-written malware in targeted attacks

While cybercriminals have used generative AI technology to create convincing emails, government agencies have warned about the potential abuse of AI tools to creating malicious software, despite the safeguards and restrictions that vendors implemented.

AI

BleepingComputer

Generative AI Security: Getting ready for Salesforce Einstein Copilot

Salesforce's Einstein Copilot can provide insights and perform tasks help streamline daily processes. However, it also comes with risks that you should takes steps to mitigate. Learn more from Varonis on how to prepare for Salesforce Einstein Copilot,

AI

BleepingComputer

MoneyGram confirms a cyberattack is behind dayslong outage

Money transfer giant MoneyGram has confirmed it suffered a cyberattack after dealing with system outages and customer complaints about lack of service since Friday.

Hack

BleepingComputer

From 12 to 21: how we discovered connections between the Twelve and BlackJack groups

An investigation of BlackJack’s software, TTPs, and motivations led Kaspersky experts to identify a possible connection with the Twelve group.

APT

Securelist

Web tracking report: who monitored users’ online activities in 2023–2024 the most

Web tracking has become a pervasive aspect of our online experience. Whether we’re browsing social media, playing video games, shopping for products, or simply reading news articles, trackers are silently monitoring our online behavior, fueling the ceaseless hum of countless data centers worldwide. In this article,

Safety

Securelist

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential

APT

The Hacker News

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage

APT

The Hacker News

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the

Vulnerebility

The Hacker News

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection

Security

The Hacker News

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto

Exploit

The Hacker News

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term

AI

The Hacker News

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of

Virus

The Hacker News

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic

Vulnerebility

The Hacker News

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of

Virus

The Hacker News

U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

The U.S. Department of Commerce (DoC) said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the

BigBrothers

The Hacker News

Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns

Antivirus vendor Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective

Security

The Hacker News

New Octo Android malware version impersonates NordVPN, Google Chrome

A new version of the Octo Android malware, named "Octo2," has been seen spreading across Europe under the guise of NordVPN, Google Chrome, and an app called Europe Enterprise.

Virus

BleepingComputer

US proposes ban on connected vehicle tech from China, Russia

Today, the Biden administration announced new proposed measures to defend the United States' national security from potential threats linked to connected vehicle technologies originating from China and Russia.

APT

BleepingComputer

Telegram now shares users’ IP and phone number on legal requests

Telegram will now share users' phone numbers and IP addresses with law enforcement if they are found to be violating the platform's rules following a valid legal request.

Social

BleepingComputer

New Mallox ransomware Linux variant based on leaked Kryptina code

An affiliate of the Mallox ransomware operation, also known as TargetCompany, was spotted using a slightly modified version of the Kryptina ransomware to attack Linux systems.

Ransom

BleepingComputer

Kaspersky deletes itself, installs UltraAV antivirus without warning

Starting Thursday, Kaspersky deleted its anti-malware software from computers across the United States and replaced it with UltraAV's antivirus solution without warning.

Security

BleepingComputer

Android malware 'Necro' infects 11 million devices via Google Play

A new version of the Necro malware loader for Android was installed on 11 million devices through Google Play in malicious SDK supply chain attacks.

Virus

BleepingComputer

New Google Chrome feature will translate complex pages in real time

Google is testing a new API that uses machine learning models to offer real-time language translation for inputted text and to make it easier to translate web pages.

Cyber

BleepingComputer

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

Cybersecurity researchers have discovered a new version of an Android banking trojan called Octo that comes with improved

Virus

The Hacker News

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to

Social

The Hacker News

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead

IoT

The Hacker News

Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls

Popular social messaging platform Discord has announced that it's rolling out a new custom end-to-end encrypted (E2EE) protocol to

Social

The Hacker News

New PondRAT Malware Hidden in Python Packages Targets Software Developers

Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called

Virus

The Hacker News

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other

Virus

The Hacker News

Global infostealer malware operation targets crypto users, gamers

A massive infostealer malware operation encompassing thirty campaigns targeting a broad spectrum of demographics and system platforms has been uncovered, attributed to a cybercriminal group named "Marko Polo."

Virus

BleepingComputer

Microsoft ends development of Windows Server Update Services (WSUS)

Microsoft has officially announced that Windows Server Update Services (WSUS) is now deprecated, but plans to maintain current functionality and continue publishing updates through the channel.

OS

BleepingComputer

Windows Server 2025 previews security updates without restarts

​Microsoft announced today that Hotpatching is now available in public preview for Windows Server 2025, allowing installation of security updates without restarting.

OS

BleepingComputer

Disney ditching Slack after massive July data breach

The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels.

Incindent

BleepingComputer

Ukraine bans Telegram on military, govt devices over security risks

Ukraine's National Coordination Centre for Cybersecurity (NCCC) has restricted the use of the Telegram messaging app within government agencies, military units, and critical infrastructure, citing national security concerns.

BigBrothers

BleepingComputer

Dell investigates data breach claims after hacker leaks employee info

Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees.

Incindent

BleepingComputer

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber

APT

The Hacker News

Ukraine Bans Telegram Use for Government and Military Personnel

Ukraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and

BigBrothers

The Hacker News

macOS Sequoia change breaks networking for VPN, antivirus software

Users of macOS 15 'Sequoia' are reporting network connection errors when using certain endpoint detection and response (EDR) or virtual private network (VPN) solutions, and web browsers.

OS

BleepingComputer

Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK

A new wave of QR codes has popped up across UK claiming to share a video of a boyfriend who "cheated" on a girl named Emily last night. Clickbaity or genius?

Security

BleepingComputer

Suspects behind $230 million cryptocurrency theft arrested in Miami

Two suspects were arrested in Miami this week and charged with conspiracy to steal and launder over $230 million in cryptocurrency using crypto exchanges and mixing services.

Cryptocurrency

BleepingComputer

CISA warns of actively exploited Apache HugeGraph-Server bug

The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server.

BigBrothers

BleepingComputer

Tor says it’s "still safe" amid reports of police deanonymizing users

The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks.

Security

BleepingComputer

Ivanti warns of another critical CSA flaw exploited in attacks

Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) security flaw in attacks targeting a limited number of customers.

Exploit

BleepingComputer

Google Password Manager now automatically syncs your passkeys

Google announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users.

Safety

BleepingComputer

Police dismantles phone unlocking ring linked to 483,000 victims

A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. 

BigBrothers

BleepingComputer

Germany seizes 47 crypto exchanges used by ransomware gangs

German law enforcement seized 47 cryptocurrency exchange services hosted in the country that facilitated illegal money laundering activities for cybercriminals, including ransomware gangs.

BigBrothers

BleepingComputer

Unexplained ‘Noise Storms’ flood the Internet, puzzle experts

Internet intelligence firm GreyNoise reports that it has been tracking large waves of "Noise Storms" containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose.

Cyber

BleepingComputer

Clever 'GitHub Scanner' campaign abusing repos to push malware

A clever threat campaign is abusing GitHub repositories to distribute the Lumma Stealer password-stealing malware targeting users who frequent an open source project repository or are subscribed to email notifications from it.

Virus

BleepingComputer

Discord rolls out end-to-end encryption for audio, video calls

Discord has introduced the DAVE protocol, a custom end-to-end encryption (E2EE) protocol designed to protect audio and video calls on the platform from unauthorized interceptions.

Safety

BleepingComputer

Europol takes down "Ghost" encrypted messaging platform used for crime

Europol and law enforcement from nine countries successfully dismantled an encrypted communications platform called "Ghost," which was used by organized crime such as drug trafficking and money laundering.

BigBrothers

BleepingComputer

X hacking spree fuels "$HACKED" crypto token pump-and-dump

​Microsoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks.

Ransom

BleepingComputer

Cracked Software or Cyber Trap? The Rising Danger of AsyncRAT Malware

Authored by Neil Tyagi In cybersecurity, threats constantly evolve, and new ways to exploit unsuspecting users are...

Malware blog

McAfee

How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections

Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions.

Ransom blog

Trend Micro

Identifying Rogue AI

This is the third blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights

AI blog

Trend Micro

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC

We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.

APT blog

Trend Micro

Vulnerabilities in Cellular Packet Cores Part IV: Authentication

Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC), both of which have now been resolved and are discussed in this blog post.

Vulnerebility blog

Trend Micro

Critical Exploit in MediaTek Wi-Fi Chipsets: Zero-Click Vulnerability (CVE-2024-20017) Threatens Routers and Smartphones

Overview The SonicWall Capture Labs threat research team became aware of the threat CVE-2024-20017, assessed its impact and developed mitigation measures for the vulnerability. CVE-2024-20017 is a critical zero-click vulnerability with a CVSS 3.0 score

Vulnerebility blog

SonicWall

Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool

This article discusses the discovery of a new post-exploitation red team tool called Splinter that we found on customer systems using Advanced WildFire’s memory scanning tools. Penetration testing toolkits and adversary simulation frameworks are often useful for identifying potential security issues in a company's network.

Exploit blog

Palo Alto

FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe

With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process

BigBrother blog

Eset

Influencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)

How do analyst relations professionals 'sort through the noise' and help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out

Social blog

Eset

Understanding cyber-incident disclosure

Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help

Cyber blog

Eset

ESET Research Podcast: EvilVideo

ESET researchers discuss how they uncovered a zero-day Telegram for Android exploit that allowed attackers to send malicious files posing as videos

Malware blog

Eset

AI security bubble already springing leaks

Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one

AI blog

Eset

The Iranian Cyber Capability

In this blog, we will provide an overview of the Iranian threat landscape and discuss the tools, tactics and techniques used by these groups.

APT blog

Trelix

Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware

Microsoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks.

Ransom

BleepingComputer

X hacking spree fuels "$HACKED" crypto token pump-and-dump

An X account hacking spree has fueled a successful pump-and-dump scheme for the $HACKED Solana token, with people rushing to buy the coin.

Social

BleepingComputer

Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware

​Microsoft says a ransomware affiliate it tracks as Vanilla Tempest now targets U.S. healthcare organizations in INC ransomware attacks.

Ransom

BleepingComputer

GitLab releases fix for critical SAML authentication bypass flaw

GitLab has released security updates to address a critical SAML authentication bypass vulnerability impacting self-managed installations of the GitLab Community Edition (CE) and Enterprise Edition (EE).

Vulnerebility

BleepingComputer

Microsoft may have revealed Windows 11 24H2 is coming this month

Microsoft may have accidentally confirmed that Windows 11 24H2 (Windows 11 2024 Update) is arriving on September 24 as part of the optional preview update, with it rolling out to more people as part of the mandatory October Patch Tuesday updates.

OS

BleepingComputer

Apple pulls iPadOS 18 update bricking M4 iPad Pro devices

Apple has paused the rollout of iPadOS 18 on iPad Pro tablets with the M4 chip after numerous owners reported the update is "bricking" their devices, with no way to turn them on after performing the update.

OS

BleepingComputer

Chinese botnet infects 260,000 SOHO routers, IP cameras with malware

The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries.

BotNet

BleepingComputer

Russian security firm Dr.Web disconnects all servers after breach

On Tuesday, Russian anti-malware company Doctor Web (Dr.Web) disclosed a security breach after its systems were targeted in a cyberattack over the weekend.

Incindent

BleepingComputer

Temu denies breach after hacker claims theft of 87 million data records

Temu denies it was hacked or suffered a data breach after a threat actor claimed to be selling a stolen database containing 87 million records of customer information.

Incindent

BleepingComputer

Broadcom fixes critical RCE bug in VMware vCenter Server

Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet.

Vulnerebility

BleepingComputer

Construction firms breached in brute force attacks on accounting software

Hackers are brute-forcing passwords for highly privileged accounts on exposed Foundation accounting servers, widely used in the construction industry, to breach corporate networks.

Incindent

BleepingComputer

AT&T pays $13 million FCC settlement over 2023 data breach

The Federal Communications Commission (FCC) has reached a $13 million settlement with AT&T to resolve a probe into whether the telecom giant failed to protect customer data after a vendor's cloud environment was breached three years ago.

Incindent

BleepingComputer

CISA urges software devs to weed out XSS vulnerabilities

CISA and the FBI urged tech companies to review their software and eliminate cross-site scripting (XSS) vulnerabilities before shipping.

BigBrothers

BleepingComputer

Ransomware gangs now abuse Microsoft Azure tool for data theft

Ransomware gangs like BianLian and Rhysida increasingly use Microsoft's Azure Storage Explorer and AzCopy to steal data from breached networks and store it in Azure Blob storage.

Ransom

BleepingComputer

PKfail Secure Boot bypass remains a significant risk two months later

Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit malware attacks.

Incindent

BleepingComputer

Over 1,000 ServiceNow instances found leaking corporate KB data

Over 1,000 misconfigured ServiceNow enterprise instances were found exposing Knowledge Base (KB) articles that contained sensitive corporate information to external users and potential threat actors.

Security

BleepingComputer

CISA warns of Windows flaw used in infostealer malware attacks

​CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group.

BigBrothers

BleepingComputer

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices.

Exploit

BleepingComputer

Microsoft rolls out Office LTSC 2024 for Windows and Mac

​Microsoft has announced that Office LTSC (Long Term Servicing Channel) 2024, a volume-licensed and perpetual version of Office for Windows and macOS users, is now available for commercial and government customers.

OS

BleepingComputer

US cracks down on spyware vendor Intellexa with more sanctions

Today, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware.

BigBrothers

BleepingComputer

Chrome switching to NIST-approved ML-KEM quantum encryption

Google announced updates in the post-quantum cryptographic key encapsulation mechanism used in the Chrome browser, specifically, the swap of Kyber used in hybrid key exchanges with Module Lattice Key Encapsulation Mechanism (ML-KEM).

Safety

BleepingComputer

D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers

D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials.

Vulnerebility

BleepingComputer

Windows vulnerability abused braille “spaces” in zero-day attacks

A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group.

APT

BleepingComputer

Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials

Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to

BigBrothers

The Hacker News

Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East

An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to

APT

The Hacker News

Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature

Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux,

Safety

The Hacker News

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the

Vulnerebility

The Hacker News

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software , according to

Hack

The Hacker News

New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails

A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a

Virus

The Hacker News

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server

Cryptocurrency

The Hacker News

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first

Ransom

The Hacker News

GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions

GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result

Vulnerebility

The Hacker News

New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and

IoT

The Hacker News

Chinese Engineer Charged in U.S. for Years-Long Cyber Espionage Targeting NASA and Military

A Chinese national has been indicted in the U.S. on charges of conducting a "multi-year" spear-phishing campaign to obtain

APT

The Hacker News

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

A North Korea-linked cyber-espionage group has been observed leveraging job-themed phishing lures to target prospective victims in

APT

The Hacker News

Chrome Introduces One-Time Permissions and Enhanced Safety Check for Safer Browsing

Google has announced that it's rolling out a new set of features to its Chrome browser that gives users more control over their data when

Safety

The Hacker News

GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging

The GSM Association (GSMA), the governing body that oversees the development of the Rich Communications Services (RCS) protocol,

BigBrothers

The Hacker News

Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution

Broadcom on Tuesday released updates to address a critical security flaw impacting VMware vCenter Server that could pave the way for

Vulnerebility

The Hacker News

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to

Safety

The Hacker News

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

The U.S. Department of Treasury has imposed fresh sanctions against five executives and one entity with ties to the Intellexa

BigBrothers

The Hacker News

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Cryptocurrency exchange Binance is warning of an "ongoing" global threat that's targeting cryptocurrency users with clipper malware with

Cryptocurrency

The Hacker News

SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks

SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical

Vulnerebility

The Hacker News

Google Fixes GCP Composer Flaw That Could've Led to Remote Code Execution

A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve

Vulnerebility

The Hacker News

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on

APT

The Hacker News

Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure

Apple has filed a motion to "voluntarily" dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk

OS

The Hacker News

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver

Phishing

The Hacker News

YARA 4.5.2 Release

YARA 4.5.2 was released with 3 small changes and 4 bugfixes.

SANS

Finding Honeypot Data Clusters Using DBSCAN: Part 2

In an earlier diary, I reviewed how using tools like DBSCAN can be useful to group similar data. I used DBSCAN to try and group similar commands submitted to Cowrie and URL paths submitted to the DShield web honeypot.

SANS

Python Libraries Used for Malicious Purposes

Since I’m interested in malicious Python scripts, I found multiple samples that rely on existing libraries.

SANS

FBI tells public to ignore false claims of hacked voter data

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks.

BigBrothers

BleepingComputer

Malware locks browser in kiosk mode to steal Google credentials

A malware campaign uses the unusual method of locking users in their browser's kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware.

Virus

BleepingComputer

Port of Seattle hit by Rhysida ransomware in August attack

Port of Seattle, the United States government agency overseeing Seattle's seaport and airport, confirmed on Friday that the Rhysida ransomware operation was behind a cyberattack impacting its systems over the last three weeks.

Ransom

BleepingComputer

TfL requires in-person password resets for 30,000 employees after hack

​Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person appointments to verify their identities and reset passwords following a cybersecurity incident disclosed almost two weeks ago.

CyberCrime

BleepingComputer

23andMe to pay $30 million in genetics data breach settlement

DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023.

Incindent

BleepingComputer

Ivanti warns high severity CSA flaw is now exploited in attacks

Ivanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks.

Exploit

BleepingComputer

New Linux malware Hadooken targets Oracle WebLogic servers

Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks

Virus

BleepingComputer

RansomHub claims Kawasaki cyberattack, threatens to leak stolen data

Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data.

Ransom

BleepingComputer

New Vo1d malware infects 1.3 million Android streaming boxes

Threat actors have infected over 1.3 million TV streaming boxes running Android with a new Vo1d backdoor malware, allowing the attackers to take full control of the devices.

Virus

BleepingComputer

FBI: Reported cryptocurrency losses reached $5.6 billion in 2023

The FBI says that 2023 was a record year for cryptocurrency fraud, with total losses exceeding $5.6 billion, based on nearly 70,000 reports received through the Internet Crime Complaint Center (IC3).

Cryptocurrency

BleepingComputer

Fortinet confirms data breach after hacker claims to steal 440GB of files

Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft Sharepoint server.

Incindent

BleepingComputer

UK arrests teen linked to Transport for London cyber attack

U.K.'s National Crime Agency says it arrested a 17-year-old teenager who is suspected of being connected to the cyberattack on Transport for London, the city's public transportation agency.

CyberCrime

BleepingComputer

Hackers targeting WhatsUp Gold with public exploit since August

Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software.

Exploit

BleepingComputer

Transport for London confirms customer data stolen in cyberattack

Transport for London (TfL) has determined that the cyberattack on September 1 impacts customer data, including names, contact details, email addresses, and home addresses.

Incindent

BleepingComputer

GitLab warns of critical pipeline execution vulnerability

GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions.

Vulnerebility

BleepingComputer

Fake password manager coding test used to hack Python developers

Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.

Hack

BleepingComputer

Adobe fixes Acrobat Reader zero-day with public PoC exploit

A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit.

Exploit

BleepingComputer

Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities

In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671.

Vulnerebility blog

Trend Micro

Earth Preta Evolves its Attacks with New Malware and Strategies

In this blog entry, we discuss our analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign.

Malware blog

Trend Micro

CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective

In this report, Cybereason confirms the ties between Cuckoo Spear and APT10 Intrusion Set by tying multiple incidents together and disclosing new information about this group’s new arsenal and techniques

APT blog

Cybereason

Chinese APT Abuses VSCode to Target Government in Asia

Unit 42 researchers recently found that Stately Taurus abused the popular Visual Studio Code software in espionage operations targeting government entities in Southeast Asia. Stately Taurus is a Chinese advanced persistent threat (APT) group that carries out cyberespionage attacks.

APT blog

Palo Alto

Key Group Russian Ransomware Gang Uses Extensive Multi-purpose Telegram Channel

The SonicWall Capture Labs threat research team has been recently tracking ransomware known as Key Group. Key Group is a Russian-based malware threat group that was formed in early 2023. 

Ransom blog

SonicWall

Hold – Verify – Execute: Rise of Malicious POCs Targeting Security Researchers

While investigating CVE-2024-5932, a code injection vulnerability in the GiveWP WordPress plugin, our team encountered a malicious Proof of Concept (POC) targeting cybersecurity professionals. This has become a growing threat to cybersecurity professionals from threat actors to achieve their motives, such as crypto mining, data exfiltration and backdoor installation

Vulnerebility blog

SonicWall

Microsoft Security Bulletin Coverage For September 2024

Microsoft’s September 2024 Patch Tuesday has 79 vulnerabilities, of which 30 are Elevation of Privilege. SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of September 2024 and has produced coverage for 9 of the reported vulnerabilities.

OS Blog

SonicWall

Targeted Iranian Attacks Against Iraqi Government Infrastructure

Check Point Research discovered a new set of malware called Veaty and Spearal that was used in attacks against different Iraqi entities including government networks.

APT blog

Checkpoint

DragonRank, a Chinese-speaking SEO manipulator service provider

Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation

APT blog

Cisco Blog

The 2024 Threat Landscape State of Play

Talos' Nick Biasini discusses the biggest shifts and trends in the threat landscape so far. We also focus on one state sponsored actor that has been particularly active this year, and talk about why defenders need to be paying closer attention to infostealers.

Security blog

Cisco Blog

Vulnerability in Tencent WeChat custom browser could lead to remote code execution

While this issue was disclosed and patched in the V8 engine in June 2023, the WeChat Webview component was not updated, and still remained vulnerable when Talos reported it to the vendor.

Vulnerebility blog

Cisco Blog

Watch our new documentary, "The Light We Keep: A Project PowerUp Story"

The Light We Keep documentary tells the story of the consequences of electronic warfare in Ukraine and its effect on power grids across the country.

Security blog

Cisco Blog

We can try to bridge the cybersecurity skills gap, but that doesn’t necessarily mean more jobs for defenders

A June report from CyberSeek found that there are only enough skilled workers to fill 85 percent of cybersecurity jobs in America.

Security blog

Cisco Blog

Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API

CVE-2024-38257 is considered “less likely” to be exploited, though it does not require any user interaction or user privileges.

Vulnerebility blog

Cisco Blog

Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score

September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.

Vulnerebility blog

Cisco Blog

The best and worst ways to get users to improve their account security

In my opinion, mandatory enrollment is best enrollment.

Security blog

Cisco Blog

Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads

The threat of VBA macros has diminished since Microsoft prevented the execution of macros in Microsoft Office documents downloaded from the internet, but not all users are using the latest up-to-date Office versions and can still be vulnerable.

Malware blog

Cisco Blog

CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe

ESET research also finds that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends

Ransom blog

Eset

6 common Geek Squad scams and how to defend against them

Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks

Spam blog

Eset

CosmicBeetle steps up: Probation period at RansomHub

CosmicBeetle, after improving its own ransomware, tries its luck as a RansomHub affiliate

Ransom blog

Eset

WordPress.org to require 2FA for plugin developers by October

Starting October 1st, WordPress.org accounts that can push updates and changes to plugins and themes will be required to activate two-factor authentication (2FA) on their accounts.

Safety

BleepingComputer

Chinese hackers linked to cybercrime syndicate arrested in Singapore

Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a "global syndicate."

CyberCrime

BleepingComputer

Microsoft fixes Windows Server performance issues from August updates

Microsoft says this month's Patch Tuesday cumulative updates also fix a known issue causing Windows Server 2019 boot problems, freezes, and performance issues after installing the August 2024 security updates.

OS

BleepingComputer

Ivanti fixes maximum severity RCE bug in Endpoint Management software

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server.

Vulnerebility

BleepingComputer

New PIXHELL acoustic attack leaks secrets from LCD screen noise

A novel acoustic attack named 'PIXHELL' can leak secrets from air-gapped and audio-gapped systems, and without requiring speakers, through the LCD monitors they connect to.

Attack

BleepingComputer

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to attempt disabling endpoint detection and response (EDR) services on target systems.

Ransom

BleepingComputer

Windows 10 KB5043064 update released with 6 fixes, security updates

Microsoft has released the KB5043064 cumulative update for Windows 10 22H2 and Windows 10 21H2, which includes 6 changes and fixes, including a fix for Bluetooth devices that stop working due to a memory leak.

OS

BleepingComputer

Microsoft fixes Windows Smart App Control zero-day exploited since 2018

Microsoft has fixed a Windows Smart App Control and SmartScreen flaw that has been exploited in attacks as a zero-day since at least 2018.

OS

BleepingComputer

Windows 11 KB5043076 cumulative update released with 19 changes

Microsoft has released the mandatory Windows 11 23H2 KB5043076 cumulative update to fix security vulnerabilities and make 19 improvements.

OS

BleepingComputer

Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws

Today is Microsoft's September 2024 Patch Tuesday, which includes security updates for 79 flaws, including three actively exploited and one publicly disclosed zero-days.

OS

BleepingComputer

Wix to block Russian users starting September 12

Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down

BigBrothers

BleepingComputer

Microsoft to start force-upgrading Windows 22H2 systems next month

Microsoft announced that Windows 11 installs reaching the end of support next month, on October 8, will be force-upgraded to Windows 11 23H2.

OS

BleepingComputer

Navigating Endpoint Privilege Management: Insights for CISOs and Admins

Understanding endpoint privilege management is key to defending organizations from advanced attacks. Learn more from ThreatLocker on using endpoint privilege management to better secure your org's systems.

Security

BleepingComputer

Flipper Zero releases Firmware 1.0 after three years of development

After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable digital hacking device.

Security

BleepingComputer

NoName ransomware gang deploying RansomHub malware in recent attacks

The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate.

Ransom

BleepingComputer

Ivanti Warns of Active Exploitation of Newly Patched Cloud Appliance Vulnerability

Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190

Vulnerebility

The Hacker News

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully

Exploit

The Hacker News

17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London

British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for

CyberCrime

The Hacker News

TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud

Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new

Virus

The Hacker News

Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw

Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in

Exploit

The Hacker News

New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency

Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining

Cryptocurrency

The Hacker News

New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram

Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at

Virus

The Hacker News

Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution

GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an

Vulnerebility

The Hacker News

Beware: New Vo1d Malware Infects 1.3 Million Android TV Boxes Worldwide

Nearly 1.3 million Android-based TV boxes running outdated versions of the operating system and belonging to users spanning 197

Virus

The Hacker News

Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking

Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns.

Cryptocurrency

The Hacker News

Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack

Iraqi government networks have emerged as the target of an "elaborate" cyber attack campaign orchestrated by an Iran state-

APT

The Hacker News

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google's

AI

The Hacker News

WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers

WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes

Security

The Hacker News

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances

The operators of the mysterious Quad7 botnet are actively evolving by compromising several brands of SOHO routers and VPN

BotNet

The Hacker News

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe

A "simplified Chinese-speaking actor" has been linked to a new campaign that has targeted multiple countries in Asia and Europe

APT

The Hacker News

Fake recruiter coding tests target devs with malicious Python packages

RL found the VMConnect campaign continuing with malicious actors posing as recruiters, using packages and the names of financial firms to lure developers.

APT

ReversingLabs

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged

CyberCrime

The Hacker News

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of

APT

The Hacker News

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active

Vulnerebility

The Hacker News

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical

Vulnerebility

The Hacker News

CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub

The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and

Ransom

The Hacker News

Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia

A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as

APT

The Hacker News

New PIXHELL Attack Exploits LCD Screen Noise to Exfiltrate Data from Air-Gapped Computers

A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the "audio gap" and

Attack

The Hacker News

Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments

The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and

APT

The Hacker News

New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks

A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory (RAM) as a data

Attack

The Hacker News

Critical SonicWall SSLVPN bug exploited in ransomware attacks

Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks.

Ransom

BleepingComputer

Quad7 botnet targets more SOHO and VPN routers, media servers

The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers.

BotNet

BleepingComputer

Chinese hackers use new data theft malware in govt attacks

New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks.

APT

BleepingComputer

Highline Public Schools closes schools following cyberattack

Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack.

Hack

BleepingComputer

Meta fixes easily bypassed WhatsApp ‘View Once’ privacy feature

A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again.

Social

BleepingComputer

Payment gateway data breach affects 1.7 million credit card owners

Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals.

Incindent

BleepingComputer

Progress LoadMaster vulnerable to 10/10 severity RCE flaw

Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device.

Vulnerebility

BleepingComputer

Blind Eagle Targets Colombian Insurance Sector with Customized Quasar RAT

The Colombian insurance sector is the target of a threat actor tracked as Blind Eagle with the end goal of delivering a customized

Virus

The Hacker News

Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks

The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code

APT

The Hacker News

Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor

Progress Software has released security updates for a maximum-severity flaw in LoadMaster and Multi-Tenant (MT) hypervisor that

Vulnerebility

The Hacker News

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat

Virus

The Hacker News

TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign

A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers

BigBrothers

The Hacker News

U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks

The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet

BigBrothers

The Hacker News

Sextortion scam now use your "cheating" spouse’s name as a lure

A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof.

Spam

BleepingComputer

New RAMBO attack steals data using RAM in air-gapped computers

A novel side-channel attack dubbed  "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers.

Attack

BleepingComputer

Transport for London staff faces systems disruptions after cyberattack

​Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack.

Incindent

BleepingComputer

Car rental giant Avis discloses data breach impacting customers

American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.

Incindent

BleepingComputer

Microsoft Office 2024 to disable ActiveX controls by default

After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps.

Security

BleepingComputer

SpyAgent Android malware steals your crypto recovery phrases from images

A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device.

OS

BleepingComputer

SonicWall SSLVPN access control flaw is now exploited in attacks

SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible.

Vulnerebility

BleepingComputer

Apache fixes critical OFBiz remote code execution vulnerability

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Vulnerebility

BleepingComputer

Microsoft removes revenge porn from Bing search using new tool

Microsoft announced today that it has partnered with StopNCII to proactively remove harmful intimate images and videos from Bing using digital hashes people create from their sensitive media.

Security

BleepingComputer

Russian military hackers linked to critical infrastructure attacks

The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia's Main Directorate of the General Staff of the Armed Forces (also known as GRU).

BigBrothers

BleepingComputer

LiteSpeed Cache bug exposes 6 million WordPress sites to takeover attacks

Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites.

Hack

BleepingComputer

Musician charged with $10M streaming royalties fraud using AI and bots

North Carolina musician Michael Smith was indicted for collecting over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music using AI-generated songs streamed by thousands of bots in a massive streaming fraud scheme.

AI

BleepingComputer

Veeam warns of critical RCE flaw in Backup & Replication software

Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.

Vulnerebility

BleepingComputer

Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords

Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware.

CyberCrime

BleepingComputer

Planned Parenthood confirms cyberattack as RansomHub claims breach

Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure offline to contain the damage.

Ransom

BleepingComputer

Microchip Technology confirms data was stolen in cyberattack

American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang.

Incindent

BleepingComputer

Red team tool ‘MacroPack’ abused in attacks to deploy Brute Ratel

The MacroPack framework, initially designed for Red Team exercises, is being abused by threat actors to deploy malicious payloads, including Havoc, Brute Ratel, and PhatomCore.

Hack

BleepingComputer

US cracks down on Russian disinformation before 2024 election

The FBI seized 32 web domains used by the Doppelgänger Russian-linked influence operation network in a disinformation campaign targeting the American public ahead of this year's presidential election.

BigBrothers

BleepingComputer

Cisco fixes root escalation vulnerability with public exploit code

Cisco has fixed a command injection vulnerability in the Identity Services Engine (ISE) with public exploit code that lets attackers escalate privileges to root on vulnerable systems.

Exploit

BleepingComputer

New Eucleak attack lets threat actors clone YubiKey FIDO keys

A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm (ECDSA) secret keys and clone the FIDO device.

Attack

BleepingComputer

Cisco warns of backdoor admin account in Smart Licensing Utility

Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges.

Virus

BleepingComputer

Hackers inject malicious JS in Cisco store to steal credit cards, credentials

Cisco's site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout.

CyberCrime

BleepingComputer

Google backports fix for Pixel EoP flaw to other Android devices

Google has released the September 2024 Android security updates to fix 34 vulnerabilities, including CVE-2024-32896, an actively exploited elevation of privilege flaw that was previously fixed on Pixel devices.

OS

BleepingComputer

Criminal IP Earns PCI DSS v4.0 Certification for Top-Level Security

AI Spera has achieved PCI DSS v4.0 certification for its threat intel search engine solution, Criminal IP. Learn more from the Criminal IP cyber threat intelligence search engine.

Safety

BleepingComputer

Revival Hijack supply-chain attack threatens 22,000 PyPI packages

Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks.

Hack

BleepingComputer

FTC: Over $110 million lost to Bitcoin ATM scams in 2023

The U.S. Federal Trade Commission (FTC) has reported a massive increase in losses to Bitcoin ATM scams, nearly ten times the amount from 2020 and reaching over $110 million in 2023.

BigBrothers

BleepingComputer

Zyxel warns of critical OS command injection flaw in routers

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command injection.

Vulnerebility

BleepingComputer

New Windows PowerToy launches, repositions apps to saved layouts

Microsoft has released a new Workspaces PowerToy that helps launch sets of applications using custom desktop layouts and configurations with a mouse click.

OS

BleepingComputer

North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams

Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake

APT

The Hacker News

FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals

Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that

BigBrothers

The Hacker News

TIDRONE Targets Military and Satellite Industries in Taiwan

Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones.

BigBrother blog