Chinese Hackers Target US, Other Govts With Barracuda Flaw
Cybersecurity firm Mandiant has unveiled the details of a sophisticated global espionage campaign allegedly orchestrated by a Chinese-nexus threat group...
News
FBI-Led Operation Duck Hunt Shuts Down QakBot Malware
The FBI has led a multinational law enforcement operation that has successfully dismantled QakBot, a leading malware loader used by...
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by...
US-CERT Vulnerability Summary for the Week of August 21, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoqemu -- qemuThe hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model...
FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million
A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that's estimated to...
Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks
VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited...
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June...
Malicious npm Packages Aim to Target Developers for Source Code Theft
An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and...
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild,...
China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy...
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer...
Hackers exploit critical Juniper RCE bug chain after PoC release
Hackers are using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration...
University of Michigan shuts down network after cyberattack
The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing...
US govt email servers hacked in Barracuda zero-day attacks
Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security...
Genshin Impact dev will sue Kaveh Hacks users and developers
Genshin Impact developer miHoYohas responded to an in-game hacking situation that has caused problems recently in its player community, warning...
New Android MMRat malware uses Protobuf protocol to steal your data
A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from...
Microsoft adds HSTS support to Exchange Server 2016 and 2019
Microsoft announced today that Exchange Server 2016 and 2019 now come with support for HTTP Strict Transport Security (also known...
DreamBus malware exploits RocketMQ flaw to infect servers
Image: Midjourney A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers...
Qakbot botnet dismantled after infecting over 700,000 computers
Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded...
How the FBI nuked Qakbot malware from infected Windows PCs
The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized...
Four in Five Cyber-Attacks Powered by Just Three Malware Loaders
Cybersecurity provider ReliaQuest observed that cyber-criminals used seven different malware loaders to deploy their intrusion campaigns in the first half...
LockBit 3.0 Ransomware Variants Surge Post Builder Leak
The leak of the LockBit 3.0 ransomware builder has triggered a surge in personalized variants, impacting various organizations. Writing in an...
Report Reveals Growing Disparity in Cyber Insurance Landscape
Delinea’s 2023 State of Cyber Insurance Report has revealed a growing disconnect between carriers and enterprises seeking robust coverage. Insights...
Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platforms
Microsoft has observed a proliferation of adversary-in-the-middle (AiTM) techniques deployed through phishing-as-a-service (PhaaS) platforms, the company explained in a series...
