- + Network Threats: A Step-by-Step Attack Demonstration—Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetec...
- + DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions—The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and...
- + Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny—Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstandin...
- + State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage—A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target...
- + U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks—The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involve...
- + Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike—Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver malware called SSLoad. The...
- + Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users—Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The fi...
- + CISO Perspectives on Complying with Cybersecurity Regulations—Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compl...
- + eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners—A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners li...
- + CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers—A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and R...
- + Apache Cordova App Harness Targeted in Dependency Confusion Attack—Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion...
- + Webinar: Learn Proactive Supply Chain Threat Hunting Techniques—In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricat...
- + Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery—Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how an...
- + Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases—European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-e...
- + German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies—German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants...
- + U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse—The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly invo...
- + Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware—The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to ...
- + ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft—The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments...
- + Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft—The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments...
- + Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation—Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, ...
- + MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws—The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure applia...
- + Ransomware Double-Dip: Re-Victimization in Cyber Extortion—Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extor...
- + Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers—New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal ...
- + Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage—Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more ...
- + New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth—A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecu...
- + Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack—Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild...
- + Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks—Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of...
- + BlackTech Targets Tech, Research, and Gov Sectors with New 'Deuterbear' Tool—Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part o...
- + How Attackers Can Own a Business Without Touching the Endpoint—Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers...
- + Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers—Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than ...
- + Hackers Target Middle East Governments with Evasive "CR4T" Backdoor—Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4...
- + OfflRouter Malware Evades Detection in Ukraine for Almost a Decade—Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an...
- + FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor—The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known...
- + Recover from Ransomware in 5 Minutes—We will Teach You How!—Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack. Zerto, a Hewlett Packard Enterprise company, can help you det...
- + New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks—A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest ...
- + How to Conduct Advanced Static Analysis in a Malware Sandbox—Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior....
- + Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide—As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used...
- + Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes—Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them f...
- + Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor—A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backd...
- + Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks—A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, incl...
- + GenAI: A New Headache for SaaS Security Teams—The introduction of OpenAI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS ...
- + Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware—Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-20...
- + Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign—Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to d...
- + Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services—Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web applicat...
- + OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt—Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently...
- + TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks—The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware ...
- + AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs—New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive cred...
- + Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack—The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.6...
- + Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats—In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud s...
- + FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations—The U.S. Federal Trade Commission (FTC) has prohibited the mental telehealth company Cerebral from using or disclosing personal data for advertising purp...
- + Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown—Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan cal...
- + Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw—A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel ...
- + AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead—Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted a...
- + Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks—The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service pro...
- + Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution—To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) p...
- + Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users—Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS s...
- + Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability—Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation...
- + Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts—A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptoc...
- + U.S. Treasury Sanctions Hamas Spokesperson for Cyber Influence Operations—The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his...
- + Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack—Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly thr...
- + Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files—"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings fro...
- + Code Keepers: Mastering Non-Human Identity Management—Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic a...
- + Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign—The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the...
- + Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack—Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wil...
- + Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker—Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to ev...
- + U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt ...
- + Python's PyPI Reveals Its Secrets—GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API...
- + TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer—A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as par...
- + Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks—Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users ...
- + Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability—Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code executi...
- + 'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan—An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, wit...
- + Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files—Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script F...
- + Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware—Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading ...
As of 4/25/24 7:57am. Last new 4/25/24 7:57am. Score: 257