Beware: New ‘Rustbucket’ Malware Variant Targeting macOS Users
Researchers have pulled back the curtain on an updated version of an Apple macOS malware called Rustbucket that comes with...
News
Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks
Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing...
Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts
As many as 200,000 WordPress websites are at risk of ongoing attacks exploiting a critical unpatched security vulnerability in the...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
TSMC denies LockBit hack as ransomware gang demands $70 million
Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to...
The Week in Ransomware – June 30th 2023 – Mistaken Identity
A case of mistaken identity and further MOVEit Transfer data breaches continue dominated the ransomware news cycle this week. This...
New proxyjacking attacks monetize hacked SSH servers’ bandwidth
Attackers behind an ongoing series of proxyjacking attacks are hacking into vulnerable SSH servers exposed online to monetize them through...
Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs
Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures...
Free Akira ransomware decryptor helps recover your files
Cybersecurity firm Avast has released a free decryptor for the Akira ransomware that can help victims recover their data without...
CISA issues DDoS warning after attacks hit multiple US orgs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of ongoing distributed denial-of-service (DDoS) attacks after U.S. organizations across...
US-CERT Vulnerability Summary for the Week of June 19, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Iranian Hackers Charming Kitten Utilize POWERSTAR Backdoor in Targeted Espionage Attacks
Charming Kitten, the nation-state actor affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC), has been attributed to a bespoke spear-phishing...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
WhatsApp Upgrades Proxy Feature Against Internet Shutdowns
Meta's WhatsApp has rolled out updates to its proxy feature, allowing more flexibility in the kind of content that can...
3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage
In today's fast-paced digital landscape, the widespread adoption of AI (Artificial Intelligence) tools is transforming the way organizations operate. From...
Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign
An active financially motivated campaign is targeting vulnerable SSH servers to covertly ensnare them into a proxy network. "This is...
MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?
MITRE has released its annual list of the Top 25 "most dangerous software weaknesses" for the year 2023. "These weaknesses...
MITRE releases new list of top 25 most dangerous software bugs
MITRE shared today this year's list of the top 25 most dangerous weaknesses plaguing software during the previous two years....
New EarlyRAT malware linked to North Korean Andariel hacking group
Security analysts have discovered a previously undocumented remote access trojan (RAT) named 'EarlyRAT,' used by Andariel, a sub-group of the...
Proton launches open-source password manager with some limitations
Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser...
Pro-Russia DDoSia hacktivist project sees 2,400% membership increase
The pro-Russia crowdsourced DDoS (distributed denial of service) project, 'DDoSia,' has seen a massive 2,400% growth in less than a...
Criminal IP Unveils Bug Bounty Program to Boost User Safety, Security
Criminal IP, an OSINT-based CTI search engine provided by AI SPERA, has recently announced the introduction of a bug bounty...
US-CERT Vulnerability Summary for the Week of June 19, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon
The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that's been...
