Researchers from cybersecurity firm DomainTools told Recorded Future News that they have found nearly 30 newly created domains related to tolls, 15 of which have a “high chance of being weaponized for phishing, malware, or spam.”
Cyware News – Latest Cyber News – Read More
Threat actors are continuing to successfully breach across the entire attack surface. Around 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result, according to a survey by Pentera.
Cyware News – Latest Cyber News – Read More
New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes.
“When a user executes a function that has a path argument in Windows, the DOS path at which the file or folder exists is converted to an NT path,” SafeBreach security researcher Or Yair said&
The Hacker News – Read More
Japan’s CERT warned that the WordPress plugin Forminator, developed by WPMU DEV, is affected by multiple vulnerabilities, including a flaw that allows unrestricted file uploads to the server.
Cyware News – Latest Cyber News – Read More
MITRE R&D network hacked in early January by a state-sponsored threat group that exploited an Ivanti zero-day vulnerability.
The post MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days appeared first on SecurityWeek.
SecurityWeek – Read More
Security experts say Western teenagers comprise a number of active affiliate groups, many with ties to the cybercrime community that calls itself “The Community,” aka the Com or Comm.
Cyware News – Latest Cyber News – Read More
A malware campaign was found injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains, specifically using dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs.
Cyware News – Latest Cyber News – Read More
The new facility, details about which have not previously been reported, marks the fruition of a significant doctrinal shift in how the alliance approaches operations in cyberspace.
Cyware News – Latest Cyber News – Read More
A New York federal jury found a hacker guilty of all charges that he masterminded and carried out a scheme to fraudulently obtain $110 million from cryptocurrency exchange Mango Markets and investors.
Cyware News – Latest Cyber News – Read More
Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more effective and efficient.
“They are learning to use tools powered by AI large language models (LLM) to make their operations more efficient and effective,” the tech giant said in its latest report on East Asia hacking groups.
The company
The Hacker News – Read More