Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

/in

A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine.
The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It was patched by Microsoft earlier this

The Hacker News – ​Read More

Teen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal Charges

/in

Alan Filion, believed to have operated under the handle “Torswats,” admitted to making more than 375 fake threats against schools, places of worship, and government buildings around the United States.

Security Latest – ​Read More

US agencies confirm Beijing-linked telecom breach involving call records of politicians, wiretaps

/in

In a statement late on Wednesday, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) said an investigation that began in late October has revealed a “broad and significant cyber espionage campaign.”

The Record from Recorded Future News – ​Read More

Microsoft brings AI to the farm and factory floor, partnering with industry giants

/in

Credit: VentureBeat made with Midjourney

Microsoft collaborates with Siemens, Bayer, and Rockwell Automation to launch industry-specific AI models designed to boost efficiency in manufacturing, agriculture, and finance through tailored AI solutions available via Azure AI.Read More

Security News | VentureBeat – ​Read More

Toolkit Vastly Expands APT41’s Surveillance Powers

/in

The China-affiliated group is using the highly modular DeepData framework to target organizations in South Asia.

darkreading – ​Read More

OpenText Cybersecurity Unveils 2024’s Nastiest Malware

/in

Post Content

darkreading – ​Read More

5 Ways to Save Your Organization From Cloud Security Threats

/in

The shift to cloud means securing your organization’s digital assets requires a proactive, multi-layered approach

darkreading – ​Read More

LastPass adds passkey support for free and premium users – but there’s a catch

/in

LastPass users can take another step toward a password-less world. Here’s how to activate the beta feature now.

Latest stories for ZDNET in Security – ​Read More

Iranian Cybercriminals Target Aerospace Workers via LinkedIn

/in

The group seeks out aerospace professionals by impersonating job recruiters — a demographic it has targeted in the past as well — then deploys the SlugResin backdoor malware.

darkreading – ​Read More