Telegram App Flaw Exploited to Spread Malware Hidden in Videos
A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files...
News
Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to...
CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog,...
Chinese Hackers Target Taiwan and U.S. NGO with MgBot and MACMA Malware
Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking...
Microsoft Internet Explorer “CDwnBindInfo” Use-After-Free Vulnerability
A vulnerability has been identified in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's...
Prolific DDoS Marketplace Shut Down by UK Law Enforcement
UK law enforcement agencies have infiltrated and taken down DigitallStress, the world’s most prolific underground marketplace offering distributed denial of...
Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine
Russia’s cyber activities in Ukraine have shifted away from strategic civilian targets towards pursuing tactical military objectives, according to a...
Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS
Prolific Chinese espionage group Daggerfly (aka Evasive Panda, Bronze Highland) has extensively updated its malware toolkit, increasing its abilities to...
Chinese Hackers Target Taiwan and US NGO with MgBot Malware
Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking...
Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in...
New ICS Malware ‘FrostyGoop’ Targeting Critical Infrastructure
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in...
How to Securely Onboard New Employees Without Sharing Temporary Passwords
The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice...
Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest...
Meta Given Deadline to Address E.U. Concerns Over ‘Pay or Consent’ Model
Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its...
Google Abandons Plan to Phase Out Third-Party Cookies in Chrome
Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years...
CrowdStrike Denial of Service Alert
On 19 Jul 2024, CrowdStrike Falcon Sensor caused crashes on Windows hosts. Windows hosts running on cloud such as Azure,...
Play Ransomware Expands to Target VMWare ESXi Environments
The Play ransomware group has introduced a Linux variant of its malware that specifically targets VMWare ESXi environments, according to...
Two Russians Convicted for Role in LockBit Attacks
Two Russian nationals have pleaded guilty to their participation in the notorious LockBit ransomware gang, the US Department of Justice...
Ransomware Groups Fragment Amid Rising Cybercrime Threats
Ransomware groups have become increasingly fragmented due to recent law enforcement action according to data comes from Europol’s latest Internet...
Cybercriminals Exploit CrowdStrike Outage Chaos
Cybercriminals are leveraging the ongoing mass global IT outage to launch phishing campaigns, according to reports.CrowdStrike Intelligence warned that threat...
US-CERT Vulnerability Summary for the Week of July 15, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user A...
PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential...
How to Set up an Automated SMS Analysis Service with AI in Tines
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use...
