Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack...
News
Threat Prevention & Detection in SaaS Environments – 101
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and...
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands...
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the...
Kaspersky Exits U.S. Market Following Commerce Department Ban
Russian security vendor Kaspersky has said it's exiting the U.S. market nearly a month after the Commerce Department announced a...
CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to...
Google Lines Up $23bn Swoop For Startup Wiz Security
Google is planning what could be the biggest acquisition in the firm’s history, according to reports.The tech giant is in...
CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools
The Sysdig Threat Research Team (TRT) has revealed significant developments in the activities of the SSH-Snake threat actor. The group, now...
Attackers Exploit URL Protections to Disguise Phishing Links
Cybercriminals are abusing legitimate URL protection services to disguise malicious phishing links, Barracuda researchers have revealed.The firm observed phishing campaigns...
WP Time Capsule Plugin Update Urged After Critical Security Flaw
Security researchers have found a new vulnerability in the Backup and Staging by WP Time Capsule plugin, affecting versions 1.22.20...
Pharmacy Giant Rite Aid Hit By Ransomware
Rite Aid has become the latest high street name to fall victim to ransomware actors, after it revealed a “limited”...
US-CERT Vulnerability Summary for the Week of July 8, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
GitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories...
10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought,...
CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool
A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect...
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes...
New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new...
Exim Security Restriction Bypass Vulnerability
A vulnerability was identified in Exim, a remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note:Proof...
Cisco Products Remote Code Execution Vulnerability
A vulnerability has been identified in Cisco Products, a remote user can exploit this vulnerability to trigger elevation of privilege...
AT&T Confirms Data Breach Affecting Nearly All Wireless Customers
American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its...
Indiana County Files Disaster Declaration Following Ransomware Attack
A County in Indiana, US, has filed a disaster declaration following a ransomware attack on local government networks, which has...
Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach
Telecommunications giant AT&T has revealed that customer data has been illegally downloaded by threat actors.Hackers have downloaded the data from...
Snowflake Breach at Advance Auto Parts Hits 2.3 Million People
A leading US car parts provider has revealed that a high-profile data breach earlier in 2024 will impact over two...
NATO Set to Build New Cyber Defense Center
NATO’s members have agreed to the construction of a new cyber-defense facility designed to help the military alliance build resilience...
