Fake WinRAR proof-of-concept exploit drops VenomRAT malware
A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect...
cybersecurity
Free Download Manager releases script to check for Linux malware
The developers of Free Download Manager (FDM) have published a script to check if a Linux device was infected through...
#NITAM: Average Annual Cost of Insider Incidents Reaches $16.2m Per Organization
The average annual cost of insider risk incidents has risen to $16.2m per organization in 2023, up from $15.4m in...
BlackCat ransomware hits Azure Storage with Sphynx encryptor
Image: Midjourney The BlackCat (ALPHV) ransomware gang now uses stolen Microsoft accounts and the recently spotted Sphynx encryptor to encrypt...
TikTok flooded by ‘Elon Musk’ cryptocurrency giveaway scams
TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the...
New SprySOCKS Linux malware used in cyber espionage attacks
A Chinese espionage-focused hacker tracked as 'Earth Lusca' was observed targeting government agencies in multiple countries, using a new Linux...
Thousands of Juniper devices vulnerable to unauthenticated RCE flaw
An estimated 12,000 Juniper SRX firewalls and EX switches are vulnerable to a fileless remote code execution flaw that attackers...
Are your end-users’ passwords compromised? Here’s how to check.
Passwords have long been used as the primary gatekeepers of digital security, yet they can also be a weak link...
Bumblebee malware returns in new attacks abusing WebDAV folders
The malware loader 'Bumblebee' has broken its two-month vacation with a new campaign that employs new distribution techniques that abuse...
APT36 state hackers infect Android devices using YouTube app clones
The APT36 hacking group, aka 'Transparent Tribe,' has been observed using at least three Android apps that mimic YouTube to infect...
Hackers backdoor telecom providers with new HTTPSnoop malware
New malware named HTTPSnoop and PipeSnoop are used in cyberattacks on telecommunication service providers in the Middle East, allowing threat...
Claimants in Celsius crypto bankruptcy targeted in phishing attack
Scammers are impersonating the bankruptcy claim agent for crypto lender Celsius in phishing attacks that attempt to steal funds from...
GitLab urges users to install security updates for critical pipeline flaw
GitLab has released security updates to address a critical severity vulnerability that allows attackers to run pipelines as other users...
Hackers breached International Criminal Court’s systems last week
The International Criminal Court (ICC) disclosed a cyberattack on Tuesday after discovering last week that its systems had been breached....
Trend Micro fixes endpoint protection zero-day used in attacks
Trend Micro fixed a remote code execution zero-day vulnerability in the Trend Micro's Apex One endpoint protection solution that was actively exploited...
Chinese Group Exploiting Linux Backdoor to Target Governments
A Chinese-linked threat actor known as ‘Earth Lusca’ has been conducting cyber espionage campaigns against governments around the world via...
The Week in Ransomware – September 15th 2023 – Russian Roulette
This week’s big news is the extortion attacks on the Caesars and MGM Las Vegas casino chains, with one having...
ORBCOMM ransomware attack causes trucking fleet management outage
9/15/23 update added below. Trucking and fleet management solutions provider ORBCOMM has confirmed that a ransomware attack is behind recent service...
Retool blames breach on Google Authenticator MFA cloud sync feature
Software company Retool says the accounts of 27 cloud customers were compromised following a targeted and multi-stage social engineering attack....
Google extends security update support for Chromebooks to 10 years
Google has announced the Auto Update Expiration (AUE) date will be extended from 5 years to 10 for all Chromebooks, guaranteeing...
Caesars Entertainment Reveals Major Ransomware Breach
Yet another Nevadan casino and hotel chain giant has been compromised by ransomware threat actors, after Caesars Entertainment reported a...
Cloud to Blame for Almost all Security Vulnerabilities
Four out of five (80.3%) security vulnerabilities observed in organizations across all sectors come from a cloud environment, Palo Alto...
Fake Cisco Webex Google Ads abuse tracking templates to push malware
Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users...
Criminal IP Elevates Payment Security with PCI DSS Level 1 Certification
With payment card information being an enticing target for cyber attackers, the safeguarding of payment card transactions is of utmost...
