North Korean Hackers Update BeaverTail Malware to Target MacOS Users
Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic...
News
Critical Vulnerability in GitLab Products
GitLab has released security updates addressing a critical vulnerability (CVE-2024-6385) in their GitLab Community Edition (CE) and Enterprise Edition (EE)...
Critical Vulnerability in Exim Software
Exim has released security updates addressing a critical vulnerability (CVE-2024-39929) in their mail transfer agent (MTA). Successful exploitation of the vulnerability...
Navigating Insider Risks: Are your Employees Enabling External Threats?
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable...
FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums
The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely...
China-linked APT17 Targets Italian Companies with 9002 RAT Malware
A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a...
Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal,...
Critical Apache HugeGraph Vulnerability Under Attack – Patch ASAP
Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code...
Kaspersky to Quit US Following Commerce Department Ban
Security vendor Kaspersky is set to wind down its business operations in the US following a Commerce Department decision to...
Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts
Two-fifths (40%) of elderly adults in the UK experience mostly phone-based fraud attempts on a daily, weekly or monthly basis,...
Half of SMEs Unprepared for Cyber-Threats
Around half (49%) of SME IT teams believe they lack the resources and staffing to defend their organization against cyber-threats,...
Hacktivists Claim Leak Over 1 Terabyte of Disney Data
A hacktivist group claims to have stolen and leaked over a terabyte of data from Diseny’s internal slack channels.The 1.1...
Hacktivist Groups Target Romania Amid Geopolitical Tensions
Security researchers have observed increased geopolitical DDoS attacks against Romania.The data comes from recent research conducted by ASERT, which also...
MHTML Exploited By APT Group Void Banshee
Security experts have uncovered a critical remote code execution (RCE) vulnerability, identified as CVE-2024-38112, within the MHTML protocol handler. This vulnerability,...
Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor
MuddyWater, an Iranian threat group, has recently started using a new, tailor-made backdoor to attack IT systems in the Middle...
‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to...
Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks
The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack...
Threat Prevention & Detection in SaaS Environments – 101
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and...
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands...
Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer
An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the...
Kaspersky Exits U.S. Market Following Commerce Department Ban
Russian security vendor Kaspersky has said it's exiting the U.S. market nearly a month after the Commerce Department announced a...
CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to...
Google Lines Up $23bn Swoop For Startup Wiz Security
Google is planning what could be the biggest acquisition in the firm’s history, according to reports.The tech giant is in...
CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools
The Sysdig Threat Research Team (TRT) has revealed significant developments in the activities of the SSH-Snake threat actor. The group, now...
