Dec. 3, 2024 |
Cisco Confirms Active Exploitation of Decade-Old WebVPN Vulnerability in ASA Software |
https://securityonline.info/cisco-confirms-active-exploitation-of-decade-old-webvpn-vulnerability-in-asa-software/
|
Dec. 2, 2024 |
Zero-Day Attack Alert: Corrupted Files Weaponized in New Attacks |
https://securityonline.info/zero-day-attack-alert-corrupted-files-weaponized-in-new-attacks/
|
Dec. 2, 2024 |
Mystery google.com certificate issued by Brazilian CA |
https://www.reddit.com/r/netsec/comments/1h4h1iy/mystery_googlecom_certificate_issued_by_brazilian/
|
Nov. 29, 2024 |
Malicious npm Packages Threaten Crypto Developers: Keylogging and Wallet Theft Revealed |
https://securityonline.info/malicious-npm-packages-threaten-crypto-developers-keylogging-and-wallet-theft-revealed/
|
Nov. 29, 2024 |
Beyond FUD Links: Rockstar PaaS Kit Exploits Trusted Platforms for Phishing |
https://securityonline.info/beyond-fud-links-rockstar-paas-kit-exploits-trusted-platforms-for-phishing/
|
Nov. 29, 2024 |
Godot Engine Compromised: Malware Distributed via GodLoader |
https://securityonline.info/godot-engine-compromised-malware-distributed-via-godloader/
|
Nov. 21, 2024 |
PDFFlex: Analyzing PUA Persistence and Evasion Techniques |
https://securityonline.info/pdfflex-analyzing-pua-persistence-and-evasion-techniques/
|
Nov. 21, 2024 |
Researchers Uncover XenoRAT’s New Tactics Leveraging Excel XLL Files and Advanced Obfuscation |
https://securityonline.info/researchers-uncover-xenorats-new-tactics-leveraging-excel-xll-files-and-advanced-obfuscation/
|
Nov. 12, 2024 |
North Korean hackers create Flutter apps to bypass macOS security |
https://www.bleepingcomputer.com/news/security/north-korean-hackers-create-flutter-apps-to-bypass-macos-security/
|
Nov. 12, 2024 |
HIBP notifies 57 million people of Hot Topic data breach |
https://www.bleepingcomputer.com/news/security/hibp-notifies-57-million-people-of-hot-topic-data-breach/
|
Sept. 20, 2024 |
This Windows PowerShell Phish Has Scary Potential |
https://krebsonsecurity.com/2024/09/this-windows-powershell-phish-has-scary-potential/
|
Sept. 9, 2024 |
Akira Ransomware Exploits SonicWall SSLVPN Flaw (CVE-2024-40766) |
https://securityonline.info/akira-ransomware-exploits-sonicwall-sslvpn-flaw-cve-2024-40766/
|
Sept. 9, 2024 |
Fog Ransomware Group Shifts Focus: Financial Sector Now in Crosshairs |
https://securityonline.info/fog-ransomware-group-shifts-focus-financial-sector-now-in-crosshairs/
|
Sept. 9, 2024 |
Sextortion Scams Now Include Photos of Your Home |
https://krebsonsecurity.com/2024/09/sextortion-scams-now-include-photos-of-your-home/
|
Aug. 31, 2024 |
Local Networks Go Global When Domain Names Collide |
https://krebsonsecurity.com/2024/08/local-networks-go-global-when-domain-names-collide/
|
Aug. 31, 2024 |
When Get-Out-The-Vote Efforts Look Like Phishing |
https://krebsonsecurity.com/2024/08/when-get-out-the-vote-efforts-look-like-phishing/
|
Aug. 23, 2024 |
Google fixes ninth Chrome zero-day tagged as exploited this year |
https://www.bleepingcomputer.com/news/security/google-fixes-ninth-actively-exploited-chrome-zero-day-in-2024/
|
Aug. 23, 2024 |
Hackers steal banking creds from iOS, Android users via PWA apps |
https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/
|
Aug. 23, 2024 |
New NGate Android malware uses NFC chip to steal credit card data |
https://www.bleepingcomputer.com/news/security/new-ngate-android-malware-uses-nfc-chip-to-steal-credit-card-data/
|
Aug. 8, 2024 |
ADT confirms data breach after customer info leaked on hacking forum |
https://www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-customer-info-leaked-on-hacking-forum/
|
Aug. 8, 2024 |
Windows Update downgrade attack "unpatches" fully-updated systems |
https://www.bleepingcomputer.com/news/microsoft/windows-update-downgrade-attack-unpatches-fully-updated-systems/
|
Aug. 7, 2024 |
Data Centers Alert: AMD Addresses SEV-SNP Vulnerabilities in EPYC Processors |
https://securityonline.info/data-centers-alert-amd-addresses-sev-snp-vulnerabilities-in-epyc-processors/
|
Aug. 3, 2024 |
20,000+ Ubiquiti Devices Exposed: Amplification Attacks & Data Leaks |
https://securityonline.info/20000-ubiquiti-devices-exposed-amplification-attacks-data-leaks/
|
Aug. 3, 2024 |
CVE-2024-7339: DVR Vulnerability Exposes Over 400,000 Devices to Hackers |
https://securityonline.info/cve-2024-7339-dvr-vulnerability-exposes-over-400000-devices-to-hackers/
|
Aug. 3, 2024 |
Malicious PyPI Packages Expose User Credentials |
https://securityonline.info/malicious-pypi-packages-expose-user-credentials/
|
July 26, 2024 |
PKfail Secure Boot bypass lets attackers install UEFI malware |
https://www.bleepingcomputer.com/news/security/pkfail-secure-boot-bypass-lets-attackers-install-uefi-malware/
|
July 20, 2024 |
China-Linked GhostEmperor Resurfaces: Enhanced Demodex Rootkit Targets Southeast Asia |
https://securityonline.info/china-linked-ghostemperor-resurfaces-enhanced-demodex-rootkit-targets-southeast-asia/
|
July 20, 2024 |
NHS England Issues Cyber Alert for Exploited CVE-2023-6548 Vulnerability in NetScaler Devices |
https://securityonline.info/nhs-england-issues-cyber-alert-for-exploited-cve-2023-6548-vulnerability-in-netscaler-devices/
|
July 17, 2024 |
Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks |
https://krebsonsecurity.com/2024/07/researchers-weak-security-defaults-enabled-squarespace-domains-hijacks/
|
July 17, 2024 |
Microsoft links Scattered Spider hackers to Qilin ransomware attacks |
https://www.bleepingcomputer.com/news/security/microsoft-links-scattered-spider-hackers-to-qilin-ransomware-attacks/
|
July 17, 2024 |
Rite Aid says June data breach impacts 2.2 million people |
https://www.bleepingcomputer.com/news/security/rite-aid-says-june-data-breach-impacts-22-million-people/
|
July 17, 2024 |
Email addresses of 15 million Trello users leaked on hacking forum |
https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/
|
July 17, 2024 |
Crooks Steal Phone, SMS Records for Nearly All AT&T Customers |
https://krebsonsecurity.com/2024/07/hackers-steal-phone-sms-records-for-nearly-all-att-customers/
|
July 9, 2024 |
Chinese APT40 hackers hijack SOHO routers to launch attacks |
https://www.bleepingcomputer.com/news/security/chinese-apt40-hackers-hijack-soho-routers-to-launch-attacks/
|
July 9, 2024 |
Hackers target WordPress calendar plugin used by 150,000 sites |
https://www.bleepingcomputer.com/news/security/hackers-target-wordpress-calendar-plugin-used-by-150-000-sites/
|
July 9, 2024 |
Fujitsu confirms customer data exposed in March cyberattack |
https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/
|
July 8, 2024 |
Universal Code Execution by Chaining Messages in Browser Extensions |
https://www.reddit.com/r/netsec/comments/1dxj0wh/universal_code_execution_by_chaining_messages_in/
|
July 8, 2024 |
Cybercriminals Escalate Attacks Exploiting Microsoft SmartScreen Flaw (CVE-2024-21412) |
https://securityonline.info/cybercriminals-escalate-attacks-exploiting-microsoft-smartscreen-flaw-cve-2024-21412/
|
July 8, 2024 |
Volcano Demon: New Ransomware Gang Targets Windows & Linux |
https://securityonline.info/volcano-demon-new-ransomware-gang-targets-windows-linux/
|
June 30, 2024 |
InnoLoader Malware Evades Detection Posing as Cracked Software |
https://securityonline.info/innoloader-malware-evades-detection-posing-as-cracked-software/
|
June 30, 2024 |
Avaya IP Office Users Urged to Patch Critical Flaws (CVE-2024-4196 & CVE-2024-4197) |
https://securityonline.info/avaya-ip-office-users-urged-to-patch-critical-flaws-cve-2024-4196-cve-2024-4197/
|
June 30, 2024 |
TeamViewer Confirms Cyberattack by Notorious APT Group |
https://securityonline.info/teamviewer-confirms-cyberattack-by-notorious-apt-group/
|
June 30, 2024 |
MerkSpy Spyware Campaign Exploits Microsoft Office Flaw |
https://securityonline.info/merkspy-spyware-campaign-exploits-microsoft-office-flaw/
|
June 23, 2024 |
PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680) |
https://securityonline.info/prestashop-sites-under-attack-via-facebook-module-vulnerability-cve-2024-36680/
|
June 22, 2024 |
Ratel RAT targets outdated Android phones in ransomware attacks |
https://www.bleepingcomputer.com/news/security/ratel-rat-targets-outdated-android-phones-in-ransomware-attacks/
|
June 22, 2024 |
CDK Global outage caused by BlackSuit ransomware attack |
https://www.bleepingcomputer.com/news/security/cdk-global-outage-caused-by-blacksuit-ransomware-attack/
|
June 21, 2024 |
Linux version of RansomHub ransomware targets VMware ESXi VMs |
https://www.bleepingcomputer.com/news/security/linux-version-of-ransomhub-ransomware-targets-vmware-esxi-vms/
|
June 21, 2024 |
BokuLoader - A Proof-Of-Concept Cobalt Strike Reflective Loader Which Aims To Recreate, Integrate, And Enhance Cobalt Strike's Evasion Features! |
http://www.kitploit.com/2024/06/bokuloader-proof-of-concept-cobalt.html
|
June 21, 2024 |
UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs |
https://www.bleepingcomputer.com/news/security/unc3886-hackers-use-linux-rootkits-to-hide-on-vmware-esxi-vms/
|
June 13, 2024 |
Bondnet Threat Actor Still Active, Using Bots as C2 Servers |
https://securityonline.info/bondnet-threat-actor-still-active-using-bots-as-c2-servers/
|
June 11, 2024 |
PHP Vulnerability (CVE-2024-4577) Actively Exploited in TellYouThePass Ransomware Attacks |
https://securityonline.info/php-vulnerability-cve-2024-4577-actively-exploited-in-tellyouthepass-ransomware-attacks/
|
June 6, 2024 |
Check-in terminals used by thousands of hotels leak guest info |
https://www.bleepingcomputer.com/news/security/check-in-terminals-used-by-thousands-of-hotels-leak-guest-info/
|
June 6, 2024 |
New Fog ransomware targets US education sector via breached VPNs |
https://www.bleepingcomputer.com/news/security/new-fog-ransomware-targets-us-education-sector-via-breached-vpns/
|
June 6, 2024 |
Club Penguin fans breached Disney Confluence server, stole 2.5GB of data |
https://www.bleepingcomputer.com/news/security/club-penguin-fans-breached-disney-confluence-server-stole-25gb-of-data/
|
June 6, 2024 |
New Gitloker attacks wipe GitHub repos in extortion scheme |
https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/
|
June 3, 2024 |
Hugging Face Spaces Platform Hit by Unauthorized Access |
https://securityonline.info/hugging-face-spaces-platform-hit-by-unauthorized-access/
|
June 3, 2024 |
CVE-2024-29415: Popular Node.js Package ‘node-ip’ Exposes Millions to Potential SSRF Attacks |
https://securityonline.info/cve-2024-29415-popular-node-js-package-node-ip-exposes-millions-to-potential-ssrf-attacks/
|
May 16, 2024 |
Threat actors misusing Quick Assist in social engineering attacks leading to ransomware |
https://www.reddit.com/r/netsec/comments/1csqem5/threat_actors_misusing_quick_assist_in_social/
|
May 9, 2024 |
Zscaler takes "test environment" offline after rumors of a breach |
https://www.bleepingcomputer.com/news/security/zscaler-takes-test-environment-offline-after-rumors-of-a-breach/
|
May 9, 2024 |
Citrix warns admins to manually mitigate PuTTY SSH client bug |
https://www.bleepingcomputer.com/news/security/citrix-warns-admins-to-manually-mitigate-putty-ssh-client-bug/
|
May 9, 2024 |
Crickets from Chirp Systems in Smart Lock Key Leak |
https://krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak/
|
May 9, 2024 |
Who Stole 3.6M Tax Records from South Carolina? |
https://krebsonsecurity.com/2024/04/who-stole-3-6m-tax-records-from-south-carolina/
|
May 9, 2024 |
City of Wichita breach claimed by LockBit ransomware gang |
https://www.bleepingcomputer.com/news/security/city-of-wichita-breach-claimed-by-lockbit-ransomware-gang/
|
May 9, 2024 |
FBI warns of gift card fraud ring targeting retail companies |
https://www.bleepingcomputer.com/news/security/fbi-warns-of-gift-card-fraud-ring-targeting-retail-companies/
|
May 9, 2024 |
Ascension healthcare takes systems offline after cyberattack |
https://www.bleepingcomputer.com/news/security/ascension-healthcare-takes-systems-offline-after-cyberattack/
|
May 9, 2024 |
University System of Georgia: 800K exposed in 2023 MOVEit attack |
https://www.bleepingcomputer.com/news/security/university-system-of-georgia-800k-exposed-in-2023-moveit-attack/
|
May 9, 2024 |
Dell warns of data breach, 49 million customers allegedly affected |
https://www.bleepingcomputer.com/news/security/dell-warns-of-data-breach-49-million-customers-allegedly-affected/
|
May 5, 2024 |
NSA warns of North Korean hackers exploiting weak DMARC email policies |
https://www.bleepingcomputer.com/news/security/nsa-warns-of-north-korean-hackers-exploiting-weak-dmarc-email-policies/
|
May 5, 2024 |
CISA urges software devs to weed out path traversal vulnerabilities |
https://www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-path-traversal-vulnerabilities/
|
May 5, 2024 |
Android bug leaks DNS queries even when VPN kill switch is enabled |
https://www.bleepingcomputer.com/news/security/android-bug-leaks-dns-queries-even-when-vpn-kill-switch-is-enabled/
|
May 4, 2024 |
Nearly 20% of Docker Hub Repositories were used to spread malware & phishing scams |
https://www.reddit.com/r/netsec/comments/1cgtztj/nearly_20_of_docker_hub_repositories_were_used_to/
|
May 2, 2024 |
Adload Adware Quickly Evades Apple’s Expanded XProtect |
https://securityonline.info/adload-adware-quickly-evades-apples-expanded-xprotect/
|
May 2, 2024 |
New Cuttlefish Malware Evades Detection, Targets SOHO Routers |
https://securityonline.info/new-cuttlefish-malware-evades-detection-targets-soho-routers/
|
May 2, 2024 |
“Goldoon” Botnet Exploits Unpatched D-Link Devices |
https://securityonline.info/goldoon-botnet-exploits-unpatched-d-link-devices/
|
April 30, 2024 |
Millions of Docker repos found pushing malware, phishing sites |
https://www.bleepingcomputer.com/news/security/millions-of-docker-repos-found-pushing-malware-phishing-sites/
|
April 30, 2024 |
Stealthy ‘DarkGate’ Trojan Abuses AutoHotkey, Evades Defender |
https://securityonline.info/stealthy-darkgate-trojan-abuses-autohotkey-evades-defender/
|
April 29, 2024 |
FROZEN#SHADOW Campaign: The Stealthy Advance of SSLoad Malware and Cobalt Strike |
https://securityonline.info/frozenshadow-campaign-the-stealthy-advance-of-ssload-malware-and-cobalt-strike/
|
April 29, 2024 |
US Post Office phishing sites get as much traffic as the real one |
https://www.bleepingcomputer.com/news/security/us-post-office-phishing-sites-get-as-much-traffic-as-the-real-one/
|
April 28, 2024 |
Kaiser Permanente: Data breach may impact 13.4 million patients |
https://www.bleepingcomputer.com/news/security/kaiser-permanente-data-breach-may-impact-134-million-patients/
|
April 28, 2024 |
Okta warns of "unprecedented" credential stuffing attacks on customers |
https://www.bleepingcomputer.com/news/security/okta-warns-of-unprecedented-credential-stuffing-attacks-on-customers/
|
April 28, 2024 |
LA County Health Services: Patients' data exposed in phishing attack |
https://www.bleepingcomputer.com/news/security/la-county-health-services-thousands-of-patients-data-exposed-in-email-breach/
|
April 28, 2024 |
Fake job interviews target developers with new Python backdoor |
https://www.bleepingcomputer.com/news/security/fake-job-interviews-target-developers-with-new-python-backdoor/
|
April 26, 2024 |
Alert: “Brokewell” Malware – New Threat Targets Bank Users with Remote Device Takeover |
https://securityonline.info/alert-brokewell-malware-new-threat-targets-bank-users-with-remote-device-takeover/
|
April 26, 2024 |
Postman users are exposing Thousands of live Passwords/API keys |
https://www.reddit.com/r/netsec/comments/1cd2s6f/postman_users_are_exposing_thousands_of_live/
|
April 26, 2024 |
Beware of Search Results: Hackers Using Fake Websites to Spread Malware |
https://securityonline.info/beware-of-search-results-hackers-using-fake-websites-to-spread-malware/
|
April 26, 2024 |
AI Powers a Phishing Frenzy – Zscaler Report Warns of Unprecedented Threat Wave |
https://securityonline.info/ai-powers-a-phishing-frenzy-zscaler-report-warns-of-unprecedented-threat-wave/
|
April 26, 2024 |
Hackers Employ Advanced Fileless Attack to Implant AgentTesla Malware |
https://securityonline.info/hackers-employ-advanced-fileless-attack-to-implant-agenttesla-malware/
|
April 26, 2024 |
Iranian Hacker Group MuddyWater Abuses Legitimate Atera Software to Target Global Organizations |
https://securityonline.info/iranian-hacker-group-muddywater-abuses-legitimate-atera-software-to-target-global-organizations/
|
April 26, 2024 |
Hanwha Vision Announces Critical Security Updates for NVR and DVR Models |
https://securityonline.info/hanwha-vision-announces-critical-security-updates-for-nvr-and-dvr-models/
|
April 24, 2024 |
Hackers hijack antivirus updates to drop GuptiMiner malware |
https://www.bleepingcomputer.com/news/security/hackers-hijack-antivirus-updates-to-drop-guptiminer-malware/
|
April 24, 2024 |
Nation-State Threat Actors Renew Publications to npm |
https://www.reddit.com/r/netsec/comments/1cbmeit/nationstate_threat_actors_renew_publications_to/
|
April 24, 2024 |
SAP Threat Modeling Tool - Open Source Software |
https://www.reddit.com/r/netsec/comments/1cbqqp1/sap_threat_modeling_tool_open_source_software/
|
April 23, 2024 |
Sharp Stealer: New Malware Targets Gamers’ Accounts and Online Identities |
https://securityonline.info/sharp-stealer-new-malware-targets-gamers-accounts-and-online-identities/
|
April 23, 2024 |
ToddyCat: Unveiling the Stealthy APT Group Targeting Asia-Pacific Governments |
https://securityonline.info/toddycat-unveiling-the-stealthy-apt-group-targeting-asia-pacific-governments/
|
April 23, 2024 |
Russia-Linked Hackers Exploit Windows Zero-Day, Deploy “GooseEgg” to Hijack Networks |
https://securityonline.info/russia-linked-hackers-exploit-windows-zero-day-deploy-gooseegg-to-hijack-networks/
|
April 22, 2024 |
Microsoft: APT28 hackers exploit Windows flaw reported by NSA |
https://www.bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/
|
April 22, 2024 |
Russian Sandworm hackers targeted 20 critical orgs in Ukraine |
https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/
|
April 22, 2024 |
GitLab affected by GitHub-style CDN flaw allowing malware hosting |
https://www.bleepingcomputer.com/news/security/gitlab-affected-by-github-style-cdn-flaw-allowing-malware-hosting/
|
April 18, 2024 |
“All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass |
https://www.reddit.com/r/netsec/comments/1c5h4h1/all_your_secrets_are_belong_to_us_a_delinea/
|
April 17, 2024 |
Multiple botnets exploiting one-year-old TP-Link flaw to hack routers |
https://www.bleepingcomputer.com/news/security/multiple-botnets-exploiting-one-year-old-tp-link-flaw-to-hack-routers/
|
April 17, 2024 |
Vulnerability in Popular VPN Software Could Lead to Crashes and Service Disruptions |
https://securityonline.info/vulnerability-in-popular-vpn-software-could-lead-to-crashes-and-service-disruptions/
|
April 17, 2024 |
T-Mobile, Verizon workers get texts offering $300 for SIM swaps |
https://www.bleepingcomputer.com/news/security/t-mobile-verizon-workers-get-texts-offering-300-for-sim-swaps/
|
April 16, 2024 |
Cisco warns of large-scale brute-force attacks against VPN services |
https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/
|
April 14, 2024 |
Hacker claims Giant Tiger data breach, leaks 2.8M records online |
https://www.bleepingcomputer.com/news/security/hacker-claims-giant-tiger-data-breach-leaks-28m-records-online/
|
April 14, 2024 |
Thread Hijacking: Phishes That Prey on Your Curiosity |
https://krebsonsecurity.com/2024/03/thread-hijacking-phishes-that-prey-on-your-curiosity/
|
April 14, 2024 |
Several vulnerabilities in LG WebOS. Chained, lead to RCE. |
https://www.reddit.com/r/netsec/comments/1c22m7x/several_vulnerabilities_in_lg_webos_chained_lead/
|
April 14, 2024 |
GitHub Search Sabotaged: Malware Hidden in Popular Repositories |
https://securityonline.info/github-search-sabotaged-malware-hidden-in-popular-repositories/
|
April 14, 2024 |
Apple Warns Users of Targeted Spyware Attacks – Here’s How to Stay Safe |
https://securityonline.info/apple-warns-users-of-targeted-spyware-attacks-heres-how-to-stay-safe/
|
April 14, 2024 |
“Coyote” Trojan Strikes Brazil’s Banks, Experts Warn of Next-Gen Threat |
https://securityonline.info/coyote-trojan-strikes-brazils-banks-experts-warn-of-next-gen-threat/
|
April 14, 2024 |
GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API |
https://securityonline.info/graphstrike-cobalt-strike-https-beaconing-over-microsoft-graph-api/
|
April 14, 2024 |
Roku warns 576,000 accounts hacked in new credential stuffing attacks |
https://www.bleepingcomputer.com/news/security/roku-warns-576-000-accounts-hacked-in-new-credential-stuffing-attacks/
|
April 14, 2024 |
Telegram fixes Windows app zero-day used to launch Python scripts |
https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-used-to-launch-python-scripts/
|
April 14, 2024 |
Palo Alto Networks zero-day exploited since March to backdoor firewalls |
https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/
|
Feb. 29, 2024 |
Lazarus Group Suspected in Telegram Phishing Attacks on Investors |
https://securityonline.info/lazarus-group-suspected-in-telegram-phishing-attacks-on-investors/
|
Feb. 29, 2024 |
Rhysida ransomware wants $3.6 million for children’s stolen data |
https://www.bleepingcomputer.com/news/security/rhysida-ransomware-wants-36-million-for-childrens-stolen-data/
|
Feb. 29, 2024 |
Malicious AI models on Hugging Face backdoor users’ machines |
https://www.bleepingcomputer.com/news/security/malicious-ai-models-on-hugging-face-backdoor-users-machines/
|
Feb. 11, 2024 |
Raspberry Robin Keeps Riding The Wave Of Endless 1-days |
https://research.checkpoint.com/2024/raspberry-robin-keeps-riding-the-wave-of-endless-1-days/
|
Feb. 11, 2024 |
Chinese Espionage Group UNC3886 Found Exploiting CVE-2023-34048 Since Late 2021 |
https://www.mandiant.com/resources/blog/chinese-vmware-exploitation-since-2021
|
Feb. 10, 2024 |
MacOS data exfiltration malware poses as an update for Visual Studio code editor. |
https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
|
Feb. 7, 2024 |
Critical vulnerability affecting most Linux distros allows for bootkits |
https://arstechnica.com/security/2024/02/critical-vulnerability-affecting-most-linux-distros-allows-for-bootkits/
|
Dec. 28, 2023 |
LogoFAIL attack: using image files to attack computers |
https://www.kaspersky.com/blog/logofail-uefi-vulnerabilities/50160/
|
Dec. 21, 2023 |
Double Extortion Attack Analysis |
https://www.reliaquest.com/blog/double-extortion-attack-analysis/
|
Dec. 11, 2023 |
Unmasking the Enigma: A Historical Dive into the World of PlugX Malware |
https://www.splunk.com/en_us/blog/security/unmasking-the-enigma-a-historical-dive-into-the-world-of-plugx-malware.html
|
Dec. 1, 2023 |
Deep Analysis of Vidar Stealer |
https://m4lcode.github.io/malware%20analysis/vidar/
|
Nov. 29, 2023 |
Ransomware gangs and Living Off the Land (LOTL) attacks: A deep dive |
https://www.malwarebytes.com/blog/business/2023/11/ransomware-gangs-and-living-off-the-land-lotl-attacks-a-deep-dive/amp
|
Nov. 24, 2023 |
GootBot – Gootloader’s new approach to post-exploitation |
https://securityintelligence.com/x-force/gootbot-gootloaders-new-approach-to-post-exploitation/
|
Nov. 21, 2023 |
DarkGate and Pikabot malware emerge as Qakbot’s successors |
https://www.bleepingcomputer.com/news/security/darkgate-and-pikabot-malware-emerge-as-qakbots-successors/#google_vignette
|
Nov. 15, 2023 |
Opensea (Seaport) Exploit Details: Check if your address is affected |
https://revoketokens.io/exploits/opensea-11-14/
|
Nov. 9, 2023 |
Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology |
https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology
|
Oct. 27, 2023 |
Hackers can force iOS and macOS browsers to divulge passwords and much more |
https://arstechnica.com/security/2023/10/hackers-can-force-ios-and-macos-browsers-to-divulge-passwords-and-a-whole-lot-more/
|
Oct. 21, 2023 |
Hackers Stole Access Tokens from Okta’s Support Unit |
https://krebsonsecurity.com/2023/10/hackers-stole-access-tokens-from-oktas-support-unit/
|
Oct. 18, 2023 |
Security Vulnerabilities in CasaOS |
https://www.sonarsource.com/blog/security-vulnerabilities-in-casaos/
|
Oct. 18, 2023 |
Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability |
https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software/
|
Oct. 10, 2023 |
CVE-2023-22515 - Broken Access Control Vulnerability in Confluence Data Center and Server |
https://confluence.atlassian.com/security/cve-2023-22515-privilege-escalation-vulnerability-in-confluence-data-center-and-server-1295682276.html
|
Oct. 6, 2023 |
MGM Resorts ransomware attack led to $100 million loss, data theft |
https://www.bleepingcomputer.com/news/security/mgm-resorts-ransomware-attack-led-to-100-million-loss-data-theft/
|
Oct. 3, 2023 |
Motel One Group’s Swift Response Thwarts Ransomware Attack |
https://www.hackread.com/motel-one-groups-thwarts-ransomware-attack/
|
Oct. 3, 2023 |
Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape. |
https://securityaffairs.com/151869/malware/bunnyloader-maas.html?amp=1
|
Sept. 23, 2023 |
New stealthy and modular Deadglyph malware used in govt attacks |
https://www.bleepingcomputer.com/news/security/new-stealthy-and-modular-deadglyph-malware-used-in-govt-attacks/
|
Sept. 23, 2023 |
0-days exploited by commercial surveillance vendor in Egypt |
https://blog.google/threat-analysis-group/0-days-exploited-by-commercial-surveillance-vendor-in-egypt/
|
Sept. 23, 2023 |
Ahmed Eltantawy Targeted with Predator Spyware After Announcing Presidential Ambitions |
https://citizenlab.ca/2023/09/predator-in-the-wires-ahmed-eltantawy-targeted-with-predator-spyware-after-announcing-presidential-ambitions/
|
Sept. 22, 2023 |
Chinese hackers have unleashed a never-before-seen Linux backdoor |
https://arstechnica.com/security/2023/09/never-before-seen-linux-backdoor-is-a-windows-malware-knockoff/
|
Sept. 21, 2023 |
Chinese hackers have unleashed a never-before-seen Linux backdoor |
https://arstechnica.com/security/2023/09/never-before-seen-linux-backdoor-is-a-windows-malware-knockoff/
|
Sept. 20, 2023 |
Attacks on 5G Infrastructure From Users’ Devices |
https://www.trendmicro.com/en_us/research/23/i/attacks-on-5g-infrastructure-from-users-devices.html
|
Sept. 19, 2023 |
DHS: Ransomware attackers headed for second most profitable year |
https://therecord.media/dhs-ransomware-headed-for-second-profits
|
Sept. 12, 2023 |
Redfly: Espionage Actors Continue to Target Critical Infrastructure |
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/critical-infrastructure-attacks
|
Sept. 10, 2023 |
“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts |
https://labs.guard.io/mrtonyscam-botnet-of-facebook-users-launch-high-intent-messenger-phishing-attack-on-business-3182cfb12f4d
|
Sept. 5, 2023 |
4,500 of the Top 1 Million Websites Leaked Source Code, Secrets |
https://trufflesecurity.com/blog/4500-of-the-top-1-million-websites-leaked-source-code-secrets/
|
Sept. 3, 2023 |
Government Agencies Report New Russian Malware Targets Ukrainian Military |
https://www.nsa.gov/Press-Room/Press-Releases-Statements/Press-Release-View/Article/3511738/government-agencies-report-new-russian-malware-targets-ukrainian-military/
|
Aug. 30, 2023 |
BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps |
https://www.welivesecurity.com/en/eset-research/badbazaar-espionage-tool-targets-android-users-trojanized-signal-telegram-apps/
|
Aug. 29, 2023 |
FBI Dismantles a Malware System That Took Millions in Ransom |
https://www.msn.com/en-us/money/markets/fbi-dismantles-a-malware-system-that-took-millions-in-ransom/ar-AA1fWQVA
|
Aug. 29, 2023 |
Meta Cripples China's Signature 'Spamouflage' Influence Op |
https://www.darkreading.com/application-security/meta-vs-china-social-giant-cripples-chinese-disinformation-apt
|
Aug. 28, 2023 |
Microsoft Releases Mitigation Notes for Windows Downfall Vulnerability |
https://securityonline.info/microsoft-releases-mitigation-notes-for-windows-downfall-vulnerability/
|
Aug. 25, 2023 |
Flax Typhoon using legitimate software to quietly access Taiwanese organizations |
https://www.microsoft.com/en-us/security/blog/2023/08/24/flax-typhoon-using-legitimate-software-to-quietly-access-taiwanese-organizations/
|
Aug. 23, 2023 |
TP-Link Smart Bulb Vulns Expose Households To Hacker Attacks |
https://www.securityweek.com/tp-link-smart-bulb-vulnerabilities-expose-households-to-hacker-attacks/
|
Aug. 22, 2023 |
Uncle Sam: Rest of the world would love to steal our space blueprints – don't let 'em |
https://www.theregister.com/2023/08/21/us_satellite_hacking/
|
Aug. 19, 2023 |
GitLab vulnerability leveraged in LABRAT cryptojacking, proxyjacking operation |
https://www.scmagazine.com/brief/gitlab-vulnerability-leveraged-in-labrat-cryptjacking-proxyjacking-operation
|
Aug. 19, 2023 |
LinkedIn Suffers 'Significant' Wave of Account Hacks |
https://www.darkreading.com/attacks-breaches/linkedin-suffers-significant-wave-of-account-hacks
|
Aug. 19, 2023 |
Phishing campaign steals accounts for Zimbra email servers worldwide |
https://www.bleepingcomputer.com/news/security/phishing-campaign-steals-accounts-for-zimbra-email-servers-worlwide/
|
Aug. 19, 2023 |
LABRAT: Stealthy Cryptojacking and Proxyjacking Campaign Targeting GitLab |
https://sysdig.com/blog/labrat-cryptojacking-proxyjacking-campaign/
|
Aug. 19, 2023 |
The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack |
https://thehackernews.com/2023/08/the-vulnerability-of-zero-trust-lessons.html?m=1
|
Aug. 18, 2023 |
Fake Airplane Mode: A mobile tampering technique to maintain connectivity |
https://www.jamf.com/blog/fake-airplane-mode-a-mobile-tampering-technique-to-maintain-connectivity/
|
Aug. 15, 2023 |
Discord.io confirms breach after hacker steals data of 760K users |
https://www.bleepingcomputer.com/news/security/discordio-confirms-breach-after-hacker-steals-data-of-760k-users/
|
Aug. 15, 2023 |
Ford SYNC 3 infotainment vulnerable to drive-by Wi-Fi hijacking |
https://www.theregister.com/2023/08/14/ford_sync_vulnerability/
|
Aug. 13, 2023 |
One of the world's largest crypto payment processors CoinsPaid loses $37M in hack |
https://x.com/bitcoinnewscom/status/1690809194146897920
|
Aug. 13, 2023 |
DoubleDrive: fully-undetectable ransomware that utilizes OneDrive to encrypt target files |
https://github.com/SafeBreach-Labs/DoubleDrive
|
Aug. 11, 2023 |
Proxy-capable backdoor deployed in South African nation’s critical infrastructure |
https://securelist.com/focus-on-droxidat-systembc/110302/
|
Aug. 11, 2023 |
Electoral Commission had internet-facing server with unpatched vuln |
https://www.theregister.com/2023/08/11/electoral_commission_vulnerability/
|
Aug. 11, 2023 |
Widespread file exposure possible with Western Digital, Synology NAS flaws |
https://www.scmagazine.com/brief/widespread-file-exposure-possible-with-western-digital-synology-nas-flaws
|
Aug. 10, 2023 |
Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack |
https://www.hackread.com/rust-injector-xworm-remcos-rat-multi-stage-attack/
|
Aug. 7, 2023 |
New acoustic attack steals data from keystrokes with 95% accuracy |
https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/
|
Aug. 5, 2023 |
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems |
https://asec.ahnlab.com/en/55785/
|
Aug. 4, 2023 |
Salesforce Zero-Day Exploited to Phish Facebook Credentials |
https://www.darkreading.com/application-security/salesforce-zero-day-exploited-phish-facebook-credentials
|
Aug. 3, 2023 |
Midnight Blizzard conducts targeted social engineering over Microsoft Teams |
https://www.microsoft.com/en-us/security/blog/2023/08/02/midnight-blizzard-conducts-targeted-social-engineering-over-microsoft-teams/
|
Aug. 3, 2023 |
Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection |
https://www.darkreading.com/attacks-breaches/russian-apt-bluecharlie-swaps-infrastructure-to-evade-detection
|
Aug. 3, 2023 |
Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events |
https://www.microsoft.com/en-us/security/business/security-insider/reports/cyber-signals/cyber-signals-issue-5-cyberthreats-increasingly-target-the-worlds-biggest-event-stages/
|
July 31, 2023 |
Second Ivanti EPMM Zero-Day Vulnerability Exploited in Targeted Attacks |
https://www.securityweek.com/second-ivanti-epmm-zero-day-vulnerability-exploited-in-targeted-attacks/
|
July 31, 2023 |
SpyNote continues to attack financial institutions | Cleafy Labs |
https://www.reddit.com/r/netsec/comments/15ebsh4/spynote_continues_to_attack_financial/
|
July 31, 2023 |
Kenya cyber-attack: Why is eCitizen down? |
https://www.bbc.com/news/world-africa-66337573
|
July 31, 2023 |
Hackers exploit BleedingPipe RCE to target Minecraft servers, players |
https://www.bleepingcomputer.com/news/security/hackers-exploit-bleedingpipe-rce-to-target-minecraft-servers-players/
|
July 31, 2023 |
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor |
https://medium.com/@knownsec404team/patchworks-new-assault-weapons-report-eyeshell-weapons-disclosure-181833f434be
|
July 31, 2023 |
Canon warns of Wi-Fi security risks when discarding inkjet printers |
https://www.bleepingcomputer.com/news/security/canon-warns-of-wi-fi-security-risks-when-discarding-inkjet-printers/
|
July 31, 2023 |
TelegramRAT - Cross Platform Telegram Based RAT That Communicates Via Telegram To Evade Network Restrictions |
https://www.kitploit.com/2023/07/telegramrat-cross-platform-telegram.html?m=1
|
July 31, 2023 |
Air-Gapped ICS Systems Targeted by Sophisticated Malware |
https://www.darkreading.com/ics-ot/air-gapped-ics-systems-targeted-sophisticated-malware
|
July 31, 2023 |
Cado Security Labs Encounter Novel Malware, Redis P2Pinfect |
https://www.cadosecurity.com/redis-p2pinfect/
|
July 30, 2023 |
Now Abyss Locker also targets VMware ESXi servers |
https://securityaffairs.com/148933/malware/abyss-locker-vmware-esxi.html?amp=1
|
July 28, 2023 |
CISA Releases Malware Analysis Reports on Barracuda Backdoors |
https://www.cisa.gov/news-events/alerts/2023/07/28/cisa-releases-malware-analysis-reports-barracuda-backdoors
|
July 28, 2023 |
Android malware steals user credentials using optical character recognition |
https://arstechnica.com/security/2023/07/android-malware-uses-ocr-to-capture-credentials-displayed-on-phone-screens/?utm_brand=arstechnica&utm_source=twitter&utm_social-type=owned&utm_medium=social
|
July 28, 2023 |
Hackers are infecting Call of Duty players with a self-spreading malware |
https://techcrunch.com/2023/07/27/hackers-are-infecting-call-of-duty-players-with-a-self-spreading-malware/
|
July 27, 2023 |
60,000 Androids have stalkerware-type app Spyhide installed |
https://www.malwarebytes.com/blog/news/2023/07/60000-androids-have-stalkerware-type-app-spyhide-installed
|
July 27, 2023 |
AXIS A1001 Network Door Controller Flaw Exposes Secure Facilities |
https://www.hackread.com/axis-a1001-flaw-facilities-unauthorized-access/
|
July 27, 2023 |
Ransomware groups claim responsibility for double-attack on Yamaha |
https://www.malwarebytes.com/blog/news/2023/07/ransomware-groups-claim-responsibility-for-double-attack-on-yamaha
|
July 26, 2023 |
Chinese hacking group APT31 uses mesh of home routers to disguise attacks |
https://therecord.media/chinese-hacking-group-apt31-uses-mesh-of-home-routers-to-disguise-attacks
|
July 26, 2023 |
VMware fixes bug exposing CF API admin credentials in audit logs |
https://www.bleepingcomputer.com/news/security/vmware-fixes-bug-exposing-cf-api-admin-credentials-in-audit-logs/
|
July 26, 2023 |
Super Admin elevation bug puts 900,000 MikroTik devices at risk |
https://www.bleepingcomputer.com/news/security/super-admin-elevation-bug-puts-900-000-mikrotik-devices-at-risk/
|
July 26, 2023 |
Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets |
https://iamdeadlyz.gitbook.io/malware-research/july-2023/fake-blockchain-games-deliver-redline-stealer-and-realst-stealer-a-new-macos-infostealer-malware
|
July 26, 2023 |
Advisory: Ivanti Endpoint Manager Mobile (EPMM) Authentication Bypass Vulnerability |
https://www.mnemonic.io/resources/blog/ivanti-endpoint-manager-mobile-epmm-authentication-bypass-vulnerability/
|
July 24, 2023 |
ALPHV ransomware group now provides an API for their ransomware leak site. |
https://twitter.com/vxunderground/status/1683479796917891075?s=20
|
July 24, 2023 |
Google half-patches Cloud Build permissions exploit, the rest is on you |
https://www.theregister.com/2023/07/24/infosec_in_brief/
|
July 24, 2023 |
Experts warn of OSS supply chain attacks against the banking sector |
https://securityaffairs.com/148757/cyber-crime/supply-chain-attack-banking-sector.html?amp=1
|
July 24, 2023 |
Deconstructing PowerShell Obfuscation in Malspam Campaigns |
https://www.sentinelone.com/blog/deconstructing-powershell-obfuscation-in-malspam-campaigns/
|
July 24, 2023 |
Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks |
https://www.mandiant.com/resources/blog/privileges-third-party-windows-installers
|
July 24, 2023 |
North Korea Leverages SaaS Provider in a Targeted Supply Chain Attack |
https://www.mandiant.com/resources/blog/north-korea-supply-chain
|
July 24, 2023 |
Lookout Attributes Advanced Android Surveillanceware to Chinese Espionage Group APT41 |
https://www.lookout.com/threat-intelligence/article/wyrmspy-dragonegg-surveillanceware-apt41
|
July 23, 2023 |
BMC Firmware Flaw Affecting Millions Gives Superuser Access |
https://arstechnica.com/security/2023/07/millions-of-servers-inside-data-centers-imperiled-by-flaws-in-ami-bmc-firmware/
|
July 23, 2023 |
Shadowserver Reported That +15k Citrix Servers Are Likely Vulnerable To Attacks Exploiting The Flaw CVE-2023-3519 |
https://securityaffairs.com/148735/hacking/15k-citrix-servers-vulnerable-cve-2023-3519.html?amp=1
|
July 23, 2023 |
Roblox Pwned |
https://haveibeenpwned.com/PwnedWebsites#Roblox
|
July 23, 2023 |
NetScaler RCE Abused To Pilfer Critical Infra Active Directory Data |
https://www.scmagazine.com/news/critical-infrastructure/netscaler-rce-bug-critical-infrastructure-active-directory-data
|
July 22, 2023 |
Phishers Exploiting Google Docs to Harvest Crypto Credentials |
https://www.hackread.com/phishers-google-docs-harvest-crypto-credentials/
|
July 21, 2023 |
Band-aid on a… corpse: Microsoft patches IE — again |
https://www.kaspersky.com/blog/microsoft-patch-tuesday-july-2023/48606/
|
July 21, 2023 |
Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks |
https://www.hackread.com/global-cdn-service-jsdelivr-phishing-attacks/
|
July 20, 2023 |
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems |
https://thehackernews.com/2023/07/new-p2pinfect-worm-targeting-redis.html?m=1
|
July 20, 2023 |
AVrecon RAT hidden in SOHO routers infected 70,000 devices in 20 countries in two years |
https://securityonline.info/avrecon-rat-hidden-in-soho-routers-infected-70000-devices-in-20-countries-in-two-years/
|
July 20, 2023 |
Critical AMI MegaRAC bugs can let hackers brick vulnerable servers |
https://www.bleepingcomputer.com/news/security/critical-ami-megarac-bugs-can-let-hackers-brick-vulnerable-servers/
|
July 20, 2023 |
Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks |
https://thehackernews.com/2023/07/mallox-ransomware-exploits-weak-ms-sql.html
|
July 20, 2023 |
Apache OpenMeetings Wide Open to Account Takeover, Code Execution |
https://www.darkreading.com/remote-workforce/apache-openmeetings-account-takeover-code-execution
|
July 19, 2023 |
Microsoft has identified targeted attacks against the defense sector in Ukraine and Eastern Europe by the threat actor Secret Blizzard (KRYPTON, UAC-0003) leveraging DeliveryCheck, a novel .NET backdoor used to deliver a variety of second stage payloads. |
https://twitter.com/msftsecintel/status/1681695399084539908
|
July 19, 2023 |
Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware |
https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html?m=1
|
July 19, 2023 |
Ukraine takes down massive bot farm, seizes 150,000 SIM cards |
https://www.bleepingcomputer.com/news/security/ukraine-takes-down-massive-bot-farm-seizes-150-000-sim-cards/
|
July 19, 2023 |
American Airlines Hacked by Cl0P Gang, MOVEit Involved |
https://gridinsoft.com/blogs/american-airlines-hack-cl0p/
|
July 19, 2023 |
FakeSG enters the 'FakeUpdates' arena to deliver NetSupport RAT |
https://www.malwarebytes.com/blog/threat-intelligence/2023/07/socgholish-copycat-delivers-netsupport-rat
|
July 18, 2023 |
Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites |
https://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html
|
July 18, 2023 |
New breach: 4k records from the 2017-2020 Roblox Developers Conferences |
https://twitter.com/haveibeenpwned/status/1681414153494470656
|
July 18, 2023 |
Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge |
https://www.darkreading.com/attacks-breaches/sogu-snowydrive-malware-usb-based-cyberattacks-surge
|
July 18, 2023 |
Freemius WordPress SDK used by 7M sites is vulnerable to XSS attack (CVE-2023-33999) |
https://securityonline.info/freemius-wordpress-sdk-used-by-7m-sites-is-vulnerable-to-xss-attack-cve-2023-33999/
|
July 18, 2023 |
FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks |
https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html?m=1
|
July 18, 2023 |
Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware |
https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html?m=1
|
July 18, 2023 |
Critical ColdFusion flaws exploited in attacks to drop webshells |
https://www.bleepingcomputer.com/news/security/critical-coldfusion-flaws-exploited-in-attacks-to-drop-webshells/
|
July 18, 2023 |
Google Cloud Build bug lets hackers launch supply chain attacks |
https://www.bleepingcomputer.com/news/security/google-cloud-build-bug-lets-hackers-launch-supply-chain-attacks/
|
July 18, 2023 |
Microsoft Exchange Online hit by new outage blocking emails |
https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-online-hit-by-new-outage-blocking-emails/
|
July 17, 2023 |
WINTAPIX: A New Kernel Driver Targeting Countries in The Middle East |
https://www.fortinet.com/blog/threat-research/wintapix-kernal-driver-middle-east-countries
|
July 17, 2023 |
Adobe warns of critical ColdFusion RCE bug exploited in attacks |
https://www.bleepingcomputer.com/news/security/adobe-warns-of-critical-colfdusion-rce-bug-exploited-in-attacks/
|
July 17, 2023 |
JumpCloud discloses breach by state-backed APT hacking group |
https://www.bleepingcomputer.com/news/security/jumpcloud-discloses-breach-by-state-backed-apt-hacking-group/
|
July 17, 2023 |
A Spelling Mistake Is Causing Thousands of Sensitive Pentagon Documents to Be Leaked to a Russian Ally |
https://themessenger.com/news/thousands-of-sensitive-military-documents-are-being-leaked-to-russian-ally-because-of-spelling-mistake
|
July 17, 2023 |
Thousands of images on Docker Hub leak auth secrets, private keys |
https://www.bleepingcomputer.com/news/security/thousands-of-images-on-docker-hub-leak-auth-secrets-private-keys/
|
July 15, 2023 |
Fake TeamViewer Installer Used to Deliver njRAT Malware |
https://www.hackread.com/fake-teamviewer-installer-njrat-malware/
|
July 14, 2023 |
TeamTNT's Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud |
https://thehackernews.com/2023/07/teamtnts-cloud-credential-stealing.html
|
July 13, 2023 |
SonicWall warns admins to patch critical auth bypass bugs immediately |
https://www.bleepingcomputer.com/news/security/sonicwall-warns-admins-to-patch-critical-auth-bypass-bugs-immediately/
|
July 13, 2023 |
The Turkish Government Masqueraded Site Distributing Android RAT |
https://blog.cyble.com/2023/07/10/the-turkish-government-masqueraded-site-distributing-android-rat/
|
July 13, 2023 |
CL0P HACKER OPERATING FROM RUSSIA-UKRAINE WAR FRONT LINE |
https://securityaffairs.com/148399/cyber-crime/cl0p-hacker-operating-from-russia-ukraine.html?amp=1
|
July 13, 2023 |
USB drive malware attacks spiking again in first half of 2023 |
https://www.bleepingcomputer.com/news/security/usb-drive-malware-attacks-spiking-again-in-first-half-of-2023/
|
July 13, 2023 |
New PyLoose Linux malware mines crypto directly from memory |
https://www.bleepingcomputer.com/news/security/new-pyloose-linux-malware-mines-crypto-directly-from-memory/
|
July 13, 2023 |
Russian state hackers lure Western diplomats with BMW car ads |
https://www.bleepingcomputer.com/news/security/russian-state-hackers-lure-western-diplomats-with-bmw-car-ads/
|
July 12, 2023 |
Novel RedDriver tool used in attacks against Chinese Microsoft users |
https://www.scmagazine.com/brief/device-security/novel-reddriver-tool-used-in-attacks-against-chinese-microsoft-users
|
July 12, 2023 |
Behind the Scenes: Unveiling the Hidden Workings of Earth Preta APT |
https://www.trendmicro.com/en_us/research/23/f/behind-the-scenes-unveiling-the-hidden-workings-of-earth-preta.html
|
July 12, 2023 |
Hackers Exploit Policy Loophole in Windows Kernel Drivers |
https://www.darkreading.com/endpoint/hackers-exploit-policy-loophole-windows-kernel-drivers
|
July 7, 2023 |
CISA warns govt agencies to patch actively exploited Android driver |
https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-patch-actively-exploited-android-driver/
|
July 7, 2023 |
Global Translation Service Exposed Highly Sensitive Records Online |
https://www.hackread.com/global-translation-service-exposed-records/
|
July 7, 2023 |
Cisco warns of a flaw in Nexus 9000 series switches that allows modifying encrypted traffic |
https://securityaffairs.com/148235/security/cisco-nexus-9000-series-flaw.html?amp=1
|
July 7, 2023 |
China-Linked Spyware Found in Google Play Store Apps, 2m Downloads |
https://www.hackread.com/china-spyware-google-play-store-apps/
|
July 7, 2023 |
JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident |
https://thehackernews.com/2023/07/jumpcloud-resets-api-keys-amid-ongoing.html?m=1
|
July 6, 2023 |
Botnets Send Exploits Within Days to Weeks After Published PoC |
https://www.darkreading.com/vulnerabilities-threats/botnets-send-exploits-only-day-to-weeks-after-published-poc
|
July 5, 2023 |
Understanding Malware-as-a-Service |
https://securelist.com/malware-as-a-service-market/109980
|
July 5, 2023 |
SmugX: Chinese Hackers Targeting Embassies in Europe |
https://www.hackread.com/smugx-attack-chinese-hackers-europe/
|
July 4, 2023 |
CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable |
https://bishopfox.com/blog/cve-2023-27997-exploitable-and-fortigate-firewalls-vulnerable?utm_campaign=awareness&utm_medium=social&utm_source=twitter&utm_term=blog
|
July 3, 2023 |
Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs |
https://www.bleepingcomputer.com/news/security/hackers-exploit-zero-day-in-ultimate-member-wordpress-plugin-with-200k-installs/
|
July 3, 2023 |
Neo_Net | The Kingpin of Spanish eCrime |
https://www.sentinelone.com/blog/neo_net-the-kingpin-of-spanish-ecrime/
|
July 3, 2023 |
New proxyjacking attacks monetize hacked SSH servers’ bandwidth |
https://www.bleepingcomputer.com/news/security/new-proxyjacking-attacks-monetize-hacked-ssh-servers-bandwidth/
|
July 3, 2023 |
Us, hacked by LockBit? No, says TSMC, that would be our IT supplier |
https://www.theregister.com/2023/06/30/tsmc_supplier_lockbit_breach/
|
July 3, 2023 |
New 'RustBucket' Malware Variant Targeting macOS Users |
https://thehackernews.com/2023/07/beware-new-rustbucket-malware-variant.html
|
June 30, 2023 |
Iran-linked Charming Kitten APT Enhanced Its Powerstar Backdoor |
https://securityaffairs.com/147995/apt/charming-kitten-powerstar-backdoor.html?amp=1
|
June 30, 2023 |
MOVEit Hackers Find Simpler Business Model Than Ransomware |
https://www.scmagazine.com/analysis/third-party-risk/moveit-hackers-may-have-found-simpler-business-model-beyond-ransomware
|
June 29, 2023 |
From Group to Individual: Modeling InformNapalm’s Article on Sergey Morgachev of APT28 |
https://vertex.link/blogs/doxed-gru-officer/
|
June 28, 2023 |
New Mockingjay process injection technique evades EDR detection |
https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/
|
June 28, 2023 |
Warning: JavaScript registry npm vulnerable to 'manifest confusion' abuse |
https://www.theregister.com/2023/06/27/javascript_registry_npm_vulnerable/
|
June 28, 2023 |
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution |
https://thehackernews.com/2023/06/critical-sql-injection-flaws-expose.html?m=1
|
June 24, 2023 |
Chinese Espionage Malware Targets European Healthcare via USB Drives |
https://www.hackread.com/china-espionage-malware-usb-drives-europe/
|
June 24, 2023 |
New strain of JavaScript dropper delivers Bumblebee and IcedID malware |
https://www.scmagazine.com/news/malware/new-strain-of-javascript-dropper-delivers-bumblebee-and-icedid-malware
|
June 23, 2023 |
UK cyberspies warn ransomware crews targeting law firms |
https://www.theregister.com/2023/06/23/ransomware_law_firms/
|
June 22, 2023 |
20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks |
https://www.darkreading.com/vulnerabilities-threats/20-year-old-chinese-apt15-new-life-foreign-ministry-attacks
|
June 22, 2023 |
AWS WAF Clients Left Vulnerable to SQL Injection Due to Unorthodox MSSQL Design Choice |
https://www.gosecure.net/blog/2023/06/21/aws-waf-clients-left-vulnerable-to-sql-injection-due-to-unorthodox-mssql-design-choice/
|
June 22, 2023 |
eSentire Threat Intelligence Malware Analysis: Resident Campaign |
https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-resident-campaign
|
June 22, 2023 |
US Military Personnel Targeted by Unsolicited Smartwatches Linked to Data Breaches |
https://www.hackread.com/us-military-unsolicited-smartwatches-data-breach/
|
June 22, 2023 |
Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites |
https://thehackernews.com/2023/06/critical-flaw-found-in-wordpress-plugin.html?m=1
|
June 22, 2023 |
APT37 hackers deploy new FadeStealer eavesdropping malware |
https://www.bleepingcomputer.com/news/security/apt37-hackers-deploy-new-fadestealer-eavesdropping-malware/
|
June 22, 2023 |
Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce Malware |
https://labs.jumpsec.com/advisory-idor-in-microsoft-teams-allows-for-external-tenants-to-introduce-malware/
|
June 21, 2023 |
Silent Push Launches with $10M in Total Funding to Bring Detection Focused Threat Intelligence to the Market |
https://www.prnewswire.com/news-releases/silent-push-launches-with-10m-in-total-funding-to-bring-detection-focused-threat-intelligence-to-the-market-301850019.html
|
June 21, 2023 |
eSentire Threat Intelligence Malware Analysis: Aurora Stealer |
https://www.esentire.com/blog/esentire-threat-intelligence-malware-analysis-aurora-stealer
|
June 20, 2023 |
AI suggested 40,000 new possible chemical weapons in just six hours |
https://www.theverge.com/2022/3/17/22983197/ai-new-possible-chemical-weapons-generative-models-vx
|
June 20, 2023 |
ASUS Product Security Advisory - Patch Now! |
https://www.asus.com/content/asus-product-security-advisory/
|
June 20, 2023 |
100K+ Compromised ChatGPT Accounts on Dark Web Marketplaces |
https://www.group-ib.com/media-center/press-releases/stealers-chatgpt-credentials/
|