Tell Me Your Secrets Without Telling Me Your Secrets
The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's...
News
Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails
Delivery- and shipping-themed email messages are being used to deliver a sophisticated malware loader known as WailingCrab. "The malware itself...
Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers are warning of publicly exposed Kubernetes configuration secrets that could put organizations at risk of supply chain attacks....
Black Friday 2023: Get 25% off the Zero2Automated malware analysis course
The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can...
North Korea Blamed For CyberLink Supply Chain Attacks
North Korean hackers have been blamed for a sophisticated supply chain campaign in which they compromised legitimate multimedia software to...
British Library: Ransomware Attack Led to Data Breach
The British Library has revealed that HR data was stolen and leaked in a recent ransomware breach.The state-run institution, one...
US Seizes $9m From Pig Butchering Scammers
US authorities have announced the seizure of millions of dollars’ worth of cryptocurrency linked to a romance and investment fraud...
University of Manchester CISO Speaks Out on Summer Cyber-Attack
The University of Manchester’s CISO has highlighted how the institution approached remediation and recovery following the damaging cyber-incident it experienced...
Rug Pull Schemes: Crypto Investor Losses Near $1M
Check Point’s Threat Intel Blockchain system has revealed a new scam, shedding light on the persistent threat of Rug Pulls –...
North Korean Software Supply Chain Threat is Booming, UK and South Korea Warn
Software supply chain attacks conducted by North Korean hackers have skyrocketed over the past few years, according to UK and...
InfectedSlurs Botnet Resurrects Mirai With Zero-Days
The Akamai Security Incident Response Team (SIRT) has detected increased activity targeting a rarely used TCP port across its global...
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
A new phishing attack has been observed leveraging a Russian-language Microsoft Word document to deliver malware capable of harvesting sensitive...
6 Steps to Accelerate Cybersecurity Incident Response
Modern security tools continue to improve in their ability to defend organizations' networks and endpoints against cybercriminals. But the bad...
N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed...
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video...
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed...
Open-source Blender project battling DDoS attacks since Saturday
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started...
The Black Friday 2023 Security, IT, VPN, & Antivirus Deals
Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus,...
Malware dev says they can revive expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies,...
Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks...
New botnet malware exploits two zero-days to infect NVRs and routers
A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers...
Microsoft: Lazarus hackers breach CyberLink in supply chain attack
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers...
Kansas courts confirm data theft, ransom demand after cyberattack
The Kansas Judicial Branch has published an update on a cybersecurity incident it suffered last month, confirming that hackers stole...
