New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

/in

Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an “evolving threat” called JSOutProx.
“JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET,” Resecurity said in a technical report published this week.
“It employs the .NET (de)serialization feature to interact with a core

The Hacker News – ​Read More

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

/in

Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893).
The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886.
The Google Cloud

The Hacker News – ​Read More

Byakugan – The Malware Behind a Phishing Attack

/in

In January 2024, FortiGuard Labs collected a PDF file written in Portuguese that distributes a multi-functional malware known as Byakugan. While investigating this campaign, a report about it was published.

Cyware News – Latest Cyber News – ​Read More

Critical Flaw in LayerSlider WordPress Plugin Impacts One Million Sites

/in

A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin.

Cyware News – Latest Cyber News – ​Read More

Web3 Security Specialist Hypernative To Provide Proactive Protection To The Flare Ecosystem

/in

By Owais Sultan

Institutions, dApps and users on Flare will now benefit from Hypernative’s industry-leading ecosystem-wide protection suite. 

This is a post from HackRead.com Read the original post: Web3 Security Specialist Hypernative To Provide Proactive Protection To The Flare Ecosystem

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

DataStax acquires Langflow to accelerate enterprise generative AI app development

/in

DataStax acquires Langflow, an open-source platform for building retrieval-augmented generation applications, to accelerate enterprise adoption of generative AI and simplify AI app development.Read More

Security News | VentureBeat – ​Read More

SEXi Ransomware Desires VMware Hypervisors in Ongoing Campaign

/in

A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks, in one case demanding $140 million from a Chilean data center company.

darkreading – ​Read More

Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed

/in

So far this year, Ivanti has disclosed a total of 11 flaws — many of them critical — in its remote access products.

darkreading – ​Read More

Malicious Latrodectus Downloader Picks Up Where QBot Left Off

/in

Initial access brokers are using the new downloader malware, which emerged just after QBot’s 2023 disruption.

darkreading – ​Read More

Google survey: 63% of IT and security pros believe AI will improve corporate cybersecurity

/in

Meanwhile, 36% were either neutral or disagreed that AI would play an important role in improving their cybersecurity.

Latest stories for ZDNET in Security – ​Read More