ESET Research Podcast: HotPage
ESET researchers discuss HotPage, a recently discovered adware armed with a highest-privilege, yet vulnerable, Microsoft-signed driver
WeLiveSecurity – Read More
Bitcoin ATM scams skyrocket – Week in security with Tony Anscombe
The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams
WeLiveSecurity – Read More
Hackers Threaten to Leak Planned Parenthood Data
Plus: Kaspersky’s US business sold, Nigerian sextortion scammers jailed, and Europe’s controversial encryption plans return.
Security Latest – Read More
Veeam Backup & Replication Faces RCE Flaw Allows Full System Takeover
A critical Remote Code Execution (RCE) flaw, CVE-2024-40711, with a CVSS score of 9. 8 has been discovered in Veeam Backup & Replication, allowing unauthorized attackers to take full control over systems.
Cyware News – Latest Cyber News – Read More
BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar
The BlindEagle APT group has recently targeted the Colombian insurance sector. The attack chain starts with a phishing email impersonating DIAN, the Colombian tax authority.
Cyware News – Latest Cyber News – Read More
FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals
Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information.
Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged with conspiracy to commit access device fraud and conspiracy to commit wire
The Hacker News – Read More
North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams
Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation.
These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the Web3 sector.
“After an initial chat conversation, the attacker sent a ZIP file that contained
The Hacker News – Read More
Fog Ransomware Now Targeting the Financial Sector
Fog, a variant of STOP/DJVU family, targets various sectors, exploiting VPN vulnerabilities to infiltrate network defenses. After infiltration, Fog ransomware disables protective measures, encrypts vital files, and demands ransom via the Tor network.
Cyware News – Latest Cyber News – Read More
Apache fixes critical OFBiz remote code execution vulnerability
Apache has addressed a critical remote code execution vulnerability in its OFBiz software, which could allow attackers to run malicious code on Linux and Windows servers. OFBiz is a CRM and ERP suite that serves as a Java-based web framework.
Cyware News – Latest Cyber News – Read More
Penpie DeFi platform files reports with FBI, Singapore police after $27 million crypto theft
The Penpie DeFi platform recently reported a $27 million cryptocurrency theft to the FBI and Singapore police. Hackers targeted the protocol, stealing ethereum and prompting Penpie to halt withdrawals and deposits.
Cyware News – Latest Cyber News – Read More