BlackCat ransomware, a very sophisticated malware written in Rust
BlackCat is the first professional ransomware strain that was written in the Rust programming language, researchers reported. Malware researchers from...
News
The life cycle of phishing pages
Introduction In this study, we analyzed how long phishing pages survive as well as the signs they show when they...
Dark Mirai botnet spreads targeting RCE on TP-Link routers
A botnet tracked as Dark Mirai spreads by exploiting a new vulnerability affecting TP-Link TL-WR840N EU V5 home routers. Dark...
Mozilla fixed high-severity bugs in Firefox and Thunderbird mail client
Mozilla released security updates for the Firefox browser and Thunderbird mail client to address multiple vulnerabilities. Mozilla released security updates...
Fake job interviews plague major game developers like Riot Games and Rockstar
If you’re job hunting at the moment, be on your guard. The pandemic is still around. Lots of people are...
Has your WordPress site been backdoored by a skimmer?
Skimmers and other threat actors are backdooring websites, and WordPress instances in particular, according to a recently released report. Researchers...
Crooks injects e-skimmers in random WordPress plugins of e-stores
Threat actors are injecting credit card swipers into random plugins of e-commerce WordPress sites, Sucuri researchers warn. Sucuri researchers are...
What is a search engine and why does anyone care which one you use?
An attempt at a simple definition: a search engine is a software system that allows users to find content on...
Tens of malicious NPM packages caught hijacking Discord servers
Researches from cybersecurity firm JFrog found 17 malicious packages on the NPM package repository hijacking Discord servers. JFrog researchers have...
Moobot botnet spreads by exploiting CVE-2021-36260 flaw in Hikvision products
Moobot is a Mirai-based botnet that is leveraging a critical command injection vulnerability in the webserver of some Hikvision products....
Microsoft Vancouver leaking website credentials via overlooked DS_STORE file
CyberNews researchers discovered a Desktop Services Store (DS_STORE) file left on a publicly accessible web server that belongs to Microsoft...
SonicWall strongly urges customers to apply patches to SMA 100 devices
SonicWall strongly urges customers using SMA 100 series appliances to install security patches that address multiple security flaws, some of...
CS Energy foiled a ransomware attack
A cyberattack hit CS Energy in Australia on Saturday, November 27, experts believe the attack was orchestrated by Chinese hackers....
Vulnerability in Windows 10 URI handler leads to remote code execution
Researchers at Positive Security have discovered a drive-by remote code-execution (RCE) bug in Windows 10. The vulnerability can be triggered...
Was threat actor KAX17 de-anonymizing the Tor network?
A mysterious threat actor has run thousands of malicious servers in entry, middle, and exit positions of the Tor network....
Emotet directly drops Cobalt Strike beacons without intermediate Trojans
The Emotet malware continues to evolve, in the latest attacks, it directly installs Cobalt Strike beacons to give the attackers...
The story of the year: ransomware in the headlines
In the past twelve months, the word “ransomware” has popped up in countless headlines worldwide across both print and digital...
Is your web browser vulnerable to data theft? XS-Leak explained
In recent news, IT security researchers from Ruhr-Universität Bochum (RUB) and the Niederrhein University of Applied Sciences have disclosed 14...
Google disrupts the Glupteba botnet
Google announced to have disrupted the Glupteba botnet, a huge infrastructure composed of more than 1 million Windows PCs worldwide....
Bitcoin Miner [oom_reaper] targets QNAP NAS devices
Taiwanese vendor QNAP warns customers of ongoing attacks targeting their NAS devices with cryptocurrency miners. Taiwanese vendor QNAP warns customers...
A chink in the armor of China-based hacking group Nickel
Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets....
How to check for Windows updates and install them
Keeping Windows up to date is an important part of warding off malware, exploits, and other attacks. If you’re not...
Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group
Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. Microsoft announced to have obtained...
Nobelium continues to target organizations worldwide with custom malware
Russia-linked Nobelium APT group is using a new custom malware dubbed Ceeloader in attacks against organizations worldwide. Mandiant researchers have...
