Category: Hacking

April 8, 2024

Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. “Latrodectus is an up-and-coming downloader with various sandbox evasion functionality,” researchers from Proofpoint and Team […]

April 5, 2024

Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another […]

April 2, 2024

A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. “Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage […]

March 27, 2024

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users’ systems and carry out malicious actions. “This flaw could have allowed an attacker to exploit a private API, initially intended […]

March 21, 2024

Researchers recently disclosed a significant security flaw in Dormakaba’s Saflok electronic RFID locks, which are popular with hotels. It could allow a hacker to clone a hotel’s keycard to access any room in the building. It is unclear whether hackers […]

March 19, 2024

A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu. “The PhantomBlu operation introduces a nuanced […]

March 14, 2024

The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues […]

February 14, 2024

A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders. Trend Micro, which began tracking the campaign in late […]

February 13, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), […]

January 31, 2024

Security analytics firm Mandiant recently uncovered a “never-before-seen” attack chain that used Base 64 encoding on at least two different websites to deliver the second-stage payload of a three-stage malware. The two sites were tech publication Ars Technica and video […]

January 17, 2024

A new security vulnerability called LeftoverLocals affects GPUs made by some of the leading names, like AMD, Apple, and Qualcomm. It enables data theft from the GPU’s memory irrespective of the form factor and operating system. The flaw was discovered […]

December 19, 2023

Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. “Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and […]

December 8, 2023

Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cybercrime landscape, enabling individuals […]

December 7, 2023

Understanding what defines our humanity, recognizing how our qualities can be perceived as vulnerabilities, and comprehending how our minds can be targeted provide the foundation for identifying and responding when we inevitably become the target. The human mind is a […]

November 30, 2023

According to fraud control platform Arkose Labs, a staggering 73 percent of Internet traffic to websites and apps measured between January 2023 and September 2023 was related to bots performing malicious activities like SMS toll fraud, scraping, and card testing. […]

November 17, 2023

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER. […]

November 2, 2023

Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. “In both instances, the adversary attempted to deploy ransomware binaries on […]

October 31, 2023

The FTC’s Safeguards Rule mandates that “non-banking” financial institutions must securely manage and store their customers’ information. This requirement applies to organizations such as mortgage brokers, motor vehicle dealers, and payday lenders, necessitating the development, implementation, and maintenance of a […]

October 25, 2023

September saw a record number of ransomware operations, as indicated in a recently released report by NCC Group. The company’s latest “monthly cyber threat intelligence report” focuses on emerging developments in the threat landscape, particularly in the realm of ransomware […]

October 24, 2023

The backdoor implanted on Cisco devices by exploiting a pair of zero-day flaws in IOS XE software has been modified by the threat actor so as to escape visibility via previous fingerprinting methods. “Investigated network traffic to a compromised device […]