Threats and Malware
Threats & Malware, Virus & Malware
July 25, 2024
Via: SecureWorldKnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer. This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores […]
July 24, 2024
Via: TechRadarA threat actor known by their alias ‘emo’ has posted the entire BreachForums v1 database, generated through late 2022, on Telegram, reportedly with the aim of allowing users to fix the holes in their OPSEC (operational security). As reported by […]
Threats & Malware, Vulnerabilities
July 24, 2024
Via: SecurityWeekThere have been so many hot takes about the CrowdStrike disaster that I don’t feel any need to add mine. But when you see what Delta Airlines is *still* doing to passengers some five days after this one piece of […]
Threats & Malware, Virus & Malware
July 18, 2024
Via: The RegisterProlific Russian cybercrime syndicate FIN7 is using various pseudonyms to sell its custom security solution-disabling malware to different ransomware gangs. AvNeutralizer malware was previously thought to be solely linked to the Black Basta group, but fresh research has uncovered various […]
Threats & Malware, Virus & Malware
July 11, 2024
Via: The RegisterYet another new ransomware gang, this one dubbed EstateRansomware, is now exploiting a Veeam vulnerability that was patched more than a year ago to deploy file-encrypting malware, a LockBit variant, and extort payments from victims. Veeam fixed the flaw, tracked […]
Threats & Malware, Vulnerabilities
July 10, 2024
Via: Help Net SecurityCVE-2024-38112, a spoofing vulnerability in Windows MSHTML Platform for which Microsoft has released a fix on Tuesday, has likely been exploited by attackers in the wild for over a year, Check Point researcher Haifei Li has revealed. “Check Point Research […]
Threats & Malware, Virus & Malware
July 9, 2024
Via: The RegisterWhen it comes to surveillance malware, sophisticated spyware with complex capabilities tends to hog the limelight – for example NSO Group’s Pegasus, which is sold to established governments. But it’s actually less polished kit that you’ve never heard of, like […]
July 8, 2024
Via: The RegisterIt’s been a week of bad cyber security revelations for OpenAI, after news emerged that the startup failed to report a 2023 breach of its systems to anybody outside the organization, and that its ChatGPT app for macOS was coded […]
Threats & Malware, Vulnerabilities
July 5, 2024
Via: The RegisterKeen meatheads better hope they haven’t angered any cybersecurity folk before allowing their Traeger grills to update because a new high-severity vulnerability could be used for all kinds of high jinks. With summer in full swing in the northern hemisphere, […]
July 2, 2024
Via: The RegisterThe number of financial institutions caught up in the ransomware attack on Evolve Bank & Trust continues to rise as fintech businesses Wise and Affirm both confirm they have been materially affected. News of Evolve being compromised by extortionists broke […]
Threats & Malware, Vulnerabilities
July 2, 2024
Via: TechRadarOpenSSH, regarded as one of the “most secure software implementations in the world” has a “glaring gap” that allows threat actors to completely take over Linux systems that have it installed, experts have warned. A report from Qualys claims the […]
June 26, 2024
Via: The RegisterAmerican healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen – and claimed a former employee at a Microsoft subsidiary is the likely culprit. Geisinger on Monday announced the results of […]
Threats & Malware, Vulnerabilities
June 26, 2024
Via: The RegisterThought last year’s MOVEit hellscape was well and truly behind you? Unlucky, buster. We’re back for round two after Progress Software lifted the lid on fresh vulnerabilities affecting MOVEit Transfer and Gateway. Progress Software initially contacted users on June 13 […]
Threats & Malware, Vulnerabilities
June 25, 2024
Via: The RegisterUS cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool (CSAT) portal. CSAT is used by industry facilities that house chemicals of interest, of which there are […]
June 24, 2024
Via: The RegisterThere were data breaches galore in the US last week with various major incidents reported to state attorneys general, some in good time, some not. We’ve got our top picks here for you, starting with the US’s most legendary denim […]
Threats & Malware, Virus & Malware
June 21, 2024
Via: The RegisterThe vendor behind the software on which nearly 15,000 car dealerships across the US rely says an ongoing “cyber incident” has forced it to pull systems offline for a second time in as many days. CDK Global first shut down […]
Threats & Malware, Vulnerabilities
June 21, 2024
Via: The RegisterKraken, one of the largest cryptocurrency exchanges in the world, has accused a trio of security researchers of discovering a critical bug, expoliting it to steal millions in digital cash, then using stolen funds to extort the exchange for more. […]
June 20, 2024
Via: TechRadarSecurity pros are warning of a new infostealer being distributed using different methods across the internet. Fickle Stealer does the usual tactics – steals sensitive files, system information, files stored in the browser, cryptocurrency wallet information, and more – but […]
Threats & Malware, Vulnerabilities
June 19, 2024
Via: TechRadarSecurity researchers recently claimed to have found a flaw that could allow threat actors to spoof Microsoft corporate emails. A cybersecurity researcher with the alias Slonser (full name Vsevolod Kokorin, according to TechCrunch) recently posted on X with a telling […]
Threats & Malware, Vulnerabilities
June 19, 2024
Via: The Hacker NewsCrypto exchange Kraken revealed that an unnamed security researcher exploited an “extremely critical” zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken’s Chief Security […]