Fake WinRAR proof-of-concept exploit drops VenomRAT malware
A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect...
News
Free Download Manager releases script to check for Linux malware
The developers of Free Download Manager (FDM) have published a script to check if a Linux device was infected through...
P2PInfect botnet activity surges 600x with stealthier malware variants
The P2PInfect botnet worm is going through a period of highly elevated activity volumes starting in late August and then...
T-Mobile app glitch let users see other people’s account info
Today, T-Mobile customers said they could see other peoples' account and billing information after logging into the company's official mobile...
TransUnion denies it was hacked, links leaked data to 3rd party
Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data...
Brits Lose $9.3bn to Scams in a Year
Around 10% of British adults have lost money to fraudsters over the past year, amounting to estimated losses of £7.5bn...
#NITAM: Average Annual Cost of Insider Incidents Reaches $16.2m Per Organization
The average annual cost of insider risk incidents has risen to $16.2m per organization in 2023, up from $15.4m in...
Finnish Authorities Shutter Dark Web Drugs Marketplace
Investigators in Finland have seized and shut down a web server used to operate a local dark web marketplace.Piilopuoti opened...
#mWISE: US to Implement Game-Changing Cyber Mandates on Medical Devices
Cybersecurity in healthcare products will no longer be an afterthought in the US.From October 1, 2023, every new medical device...
International Criminal Court Reveals Security Breach
The International Criminal Court (ICC) yesterday confirmed the discovery of suspicious activity inside its IT network but revealed little else of...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace
Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade...
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and...
Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability
Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free...
Do You Really Trust Your Web Application Supply Chain?
Well, you shouldn't. It may already be hiding vulnerabilities.# It's the modular nature of modern web applications that has made...
GitLab Releases Urgent Security Patches for Critical Vulnerability
GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user....
Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys
Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate...
Signal Messenger Introduces PQXDH Quantum-Resistant Encryption
Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading...
Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT
Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families...
BlackCat ransomware hits Azure Storage with Sphynx encryptor
Image: Midjourney The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt...
TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams
TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the...
Are your end-users’ passwords compromised? Here’s how to check.
Passwords have long been used as the primary gatekeepers of digital security, yet they can also be a weak link...
Bumblebee malware returns in new attacks abusing WebDAV folders
The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse...
APT36 state hackers infect Android devices using YouTube app clones
The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect...
