Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred...
News
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public...
Massive cybercrime URL shortening service uncovered via DNS data
An actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four...
Canada bans WeChat and Kaspersky products on govt devices
Canada has banned the use of Kaspersky security products and Tencent's WeChat app on mobile devices used by government employees,...
Samsung Galaxy gets new Auto Blocker anti-malware feature
Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced...
Malicious NuGet packages abuse MSBuild to install malware
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware...
Dozens of countries will pledge to stop paying ransomware gangs
An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C.,...
Flipper Zero Bluetooth spam attacks ported to new Android app
Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of...
British Library knocked offline by weekend cyberattack
The British Library has been hit by a major IT outage affecting its website and many of its services following...
Atlassian warns of critical Confluence flaw leading to data loss
Australian software company Atlassian warned admins to immediately patch Internet-exposed Confluence instances against a critical security flaw that could lead...
Avast confirms it tagged Google app as malware on Android phones
Czech cybersecurity company Avast confirmed that its antivirus SDK has been flagging a Google Android app as malware on Huawei,...
US-CERT Vulnerability Summary for the Week of October 23, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info projectworlds_pvt._limited -- online_art_gallery Online Art Gallery v1.0 is vulnerable to multiple...
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android...
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in "significant data...
Malicious NuGet Packages Caught Distributing SeroXen RAT Malware
Cybersecurity researchers have uncovered a new set of malicious packages published to the NuGet package manager using a lesser-known method...
Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws
Meta on Monday announced plans to offer an ad-free option to access Facebook and Instagram for users in the European...
PentestPad: Platform for Pentest Teams
In the ever-evolving cybersecurity landscape, the game-changers are those who adapt and innovate swiftly. Pen test solutions not only supercharge...
Trojanized PyCharm Software Version Delivered via Google Search Ads
A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google...
Canada Bans WeChat and Kaspersky Apps On Government Devices
Canada on Monday announced a ban on the use of apps from Tencent and Kaspersky on government mobile devices, citing...
New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks
A new malware wiper known as BiBi-Linux is being used to destroy data in attacks targeting Linux systems belonging to...
Toronto Public Library services down following weekend cyberattack
The Toronto Public Library (TPL) is warning that many of its online services are offline after suffering a cyberattack over the...
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware
Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app,...
LastPass breach linked to theft of $4.4 million in crypto
Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases,...
SEC sues SolarWinds for misleading investors before 2020 hack
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before...
