Top

Category: Threats & Malware

Threats and Malware


Threats & Malware, Vulnerabilities

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories

April 17, 2024

Via: The Register

AI agents, which combine large language models with automation software, can successfully exploit real world security vulnerabilities by reading security advisories, academics have claimed. In a newly released paper, four University of Illinois Urbana-Champaign (UIUC) computer scientists – Richard Fang, […]


Hacker, Threats & Malware

U.S. and Australian police arrested Firebird RAT author and operator

April 15, 2024

Via: Security Affairs

A joint law enforcement operation conducted by the Australian Federal Police (AFP) and the FBI resulted in the arrest and charging of two individuals suspected of creating and selling the Firebird RAT, which was later renamed as Hive. Australian Federal […]


Mobile, Mobile security, Threats & Malware, Virus & Malware

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

April 15, 2024

Via: The Hacker News

Cybersecurity researchers have discovered a “renewed” cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. “The latest iteration of LightSpy, dubbed ‘F_Warehouse,’ boasts a modular framework with extensive spying […]


Cyber-crime, Hacker, Malware, Threats & Malware

TA547 targets German organizations with Rhadamanthys malware

April 12, 2024

Via: Security Affairs

Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting […]


Threats & Malware, Vulnerabilities

Palo Alto Networks Warns of Exploited Firewall Vulnerability

April 12, 2024

Via: Security Week

Tracked as CVE-2024-3400 and assigned a severity score of 10 out of 10, the security defect was identified in the GlobalProtect feature of PAN-OS, the operating system running on Palo Alto Networks appliances. “A command injection vulnerability in the GlobalProtect […]


Threats & Malware, Vulnerabilities

Microsoft fixed two zero-day bugs exploited in malware attacks

April 11, 2024

Via: Security Affairs

Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017. The issues impact Microsoft Windows and Windows […]


Hacker, Threats & Malware

Rewards For Justice offers up to $10 million reward for info on ALPHV BlackCat hacker group leaders

April 10, 2024

Via: Panda Security

Rewards For Justice (RFJ), a U.S. government interagency rewards program. Offers up to $10 million reward for any information that could lead to the identification or location of any person from the ALPHV cyber gang, also known as BlackCat, who […]


Threats & Malware, Vulnerabilities

Windows 10 latest update is broken and riddled with bugs – with no fix in sight

April 9, 2024

Via: TechRadar

Back in January, we reported on a small security update patch for Windows 10 that brought on a lot of headaches for IT admins and brought on a veritable cavalcade of error codes. Microsoft promised a fix was in the […]


Threats & Malware, Vulnerabilities

Over 91,000 LG smart TVs running webOS are vulnerable to hacking

April 9, 2024

Via: Security Affairs

Bitdefender researchers discovered multiple vulnerabilities in LG webOS running on smart TVs that could be exploited to bypass authorization and gain root access on the devices. The vulnerabilities discovered by the researchers impact WebOS versions 4 through 7 running on […]


Data loss, Threats & Malware

Home Depot confirms worker data leak after miscreant dumps info online

April 8, 2024

Via: The Register

Home Depot has confirmed that a third-party company accidentally exposed some of its employees’ personal details after a criminal copy-pasted the data online. In a statement to The Register, Home Depot spokesperson Beth Marlowe said: “A third-party SaaS vendor inadvertently […]


Threats & Malware, Vulnerabilities

Hugging Face says it fixed some worrying security issues, moves to boost online protection

April 8, 2024

Via: TechRadar

Multiple generative AI models uploaded to Hugging Face were found to be vulnerable in a way that allowed threat actors to run malicious code and extract sensitive user information. This is according to a new report from the cloud security […]


Data loss, Threats & Malware

US cancer center City of Hope: data breach impacted 827149 individuals

April 4, 2024

Via: Security Affairs

City of Hope is a renowned cancer research and treatment center located in Duarte, California, United States. It is recognized for its comprehensive cancer care, innovative research, and compassionate patient support services. City of Hope suffered a data breach, the […]


Mobile, Mobile security, Threats & Malware, Vulnerabilities

Google Patches Exploited Pixel Vulnerabilities

April 3, 2024

Via: Security Week

The exploited flaws, tracked as CVE-2024-29745 and CVE-2024-29748, impact Pixel’s bootloader and firmware, Google notes in its advisory. The internet giant says it has indications that these two security defects “may be under limited, targeted exploitation,” without providing specific details […]


Threats & Malware, Virus & Malware

Detecting Windows-based Malware Through Better Visibility

April 1, 2024

Via: The Hacker News

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren’t just an inconvenience that hurt businesses and end users – they damage the economy, endanger lives, destroy businesses […]


Threats & Malware, Virus & Malware

Info stealer attacks target macOS users

April 1, 2024

Via: Security Affairs

Jamf Threat Labs researchers analyzed info stealer malware attacks targeting macOS users via malicious ads and rogue websites. One of the attacks spotted by the researchers relied on sponsored ads proposed to the users while searching for “Arc Browser” on […]


Mobile, Mobile security, Threats & Malware, Virus & Malware

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

April 1, 2024

Via: The Hacker News

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started […]


Data loss, Threats & Malware

Massachusetts Health Insurer Data Breach Impacts 2.8 Million

March 29, 2024

Via: Security Week

Identified on April 17, the attack impacted systems associated with Point32Health’s Harvard Pilgrim Health Care brand, including systems serving Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride plans and “used to service members, accounts, brokers, and providers”. “The investigation […]


Hacker, Threats & Malware

Hackers Developing Malicious LLMs After WormGPT Falls Flat

March 27, 2024

Via: DataBreach Today

Cybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers said. Undergrounds forums teem with hackers’ discussions about how to exploit […]


Threats & Malware, Virus & Malware

TheMoon bot infected 40,000 devices in January and February

March 27, 2024

Via: Security Affairs

The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “TheMoon” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices. The new version of the bot has been spotted infecting thousands of outdated devices […]


Threats & Malware, Virus & Malware

The impact of compromised backups on ransomware outcomes

March 26, 2024

Via: Naked Security

There are two main ways to recover encrypted data in a ransomware attack: restoring from backups and paying the ransom. Compromising an organization’s backups enables adversaries to restrict their victim’s ability to recover encrypted data and dial-up the pressure to […]