RapperBot DDoS malware adds cryptojacking as new revenue stream
New samples of the RapperBot botnet malware have added cryptojacking capabilites to mine for cryptocurrency on compromised Intel x64 machines....
News
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Google Announces New Privacy, Safety, and Security Features Across Its Services
Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The...
Sophisticated DownEx Malware Campaign Targeting Central Asian Governments
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of...
Why Honeytokens Are the Future of Intrusion Detection
A few weeks ago, the 32nd edition of RSA, one of the world's largest cybersecurity conferences, wrapped up in San...
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass...
Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison
A U.K. national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding...
U.S. Government Neutralizes Russia’s Most Sophisticated Snake Cyber Espionage Tool
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known...
Microsoft’s May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that...
Criminal IP FDS: A WordPress Plugin to Block Brute Force Attacks
As cybersecurity threats continue to evolve, brute-force attacks have become a growing concern. To address this issue, AI Spera released...
FBI nukes Russian Snake data theft malware with self-destruct command
Cybersecurity and intelligence agencies from all Five Eyes member nations took down the infrastructure used by the Snake cyber-espionage malware...
Food distribution giant Sysco warns of data breach after cyberattack
Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who...
Spanish police dismantle phishing operation linked to crime ring
The National Police of Spain have arrested two hackers, 15 members of a criminal organization, and another 23 people involved...
New Linux kernel NetFilter flaw gives attackers root privileges
A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level,...
GitHub now auto-blocks token and API key leaks for all repos
GitHub is now automatically blocking the leak of sensitive information like API keys and access tokens for all public code...
Critical Ruckus RCE flaw exploited by new DDoS botnet malware
A new malware botnet named 'AndoryuBot' is targeting a critical-severity flaw in the Ruckus Wireless Admin panel to infect unpatched...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The takedown...
Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps
A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that...
Product Security: Harnessing the Collective Experience and Collaborative Tools in DevSecOps
In the fast-paced cybersecurity landscape, product security takes center stage. DevSecOps swoops in, seamlessly merging security practices into DevOps, empowering...
Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software,...
Researchers Uncover SideWinder’s Latest Server-Based Polymorphism Technique
The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against...
New Ransomware Strain ‘CACTUS’ Exploits VPN Flaws to Infiltrate Networks
Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws...
QR codes used in fake parking tickets, surveys to steal your money
As QR codes continue to be heavily used by legitimate organizations—from Super Bowl advertisements to enforcing parking fees and fines,...
