China’s Evasive Panda Attacks ISP to Send Malicious Software Updates
The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.
darkreading – Read More
Startup Spotlight: LeakSignal Helps Plug Leaky Data in Organizations
Cybersecurity startup LeakSignal, a finalists in this year’s Black Hat USA Startup Spotlight competition, helps organizations see where data is leaking within their environment.
darkreading – Read More
Startup Spotlight: Knostic Tackles AI’s Oversharing Problem
Cybersecurity startup Knostic, a finalists in this year’s Black Hat USA Startup Spotlight competition, adds guardrails to how AI uses enterprise data to ensure sensitive data does not get leaked.
darkreading – Read More
Israeli Hacktivist Group Claims it Took Down Iran’s Internet
WeRedEvils announced their intention to target Iranian systems on Telegram, claiming their attack was successful in infiltrating Iran’s computer systems, stealing data, and causing the outage.
Cyware News – Latest Cyber News – Read More
US Sues TikTok for Violating Children Privacy Protection Laws
The lawsuit alleges that TikTok collected personal information from children under 13 without parental consent, failed to delete children-created accounts, and misled parents about data collection.
Cyware News – Latest Cyber News – Read More
Organizations Fail to Log 44% of Cyberattacks, Major Exposure Gaps Remain
According to Picus Security, organizations are failing to detect 44% of cyberattacks, revealing major exposure gaps. 40% of environments tested allowed for attack paths leading to domain admin access.
Cyware News – Latest Cyber News – Read More
CrowdStrike Outage Renews Supply Chain Concerns, Federal Officials Say
Federal officials have raised concerns about the software supply chain and memory safety vulnerabilities following a global IT outage caused by a faulty CrowdStrike software update.
Cyware News – Latest Cyber News – Read More
Evasive Panda Compromises ISP to Distribute Malicious Software Updates
The group used DNS poisoning to redirect software update queries to attacker-controlled servers, infecting victims with malware. Volexity detected one attack in Hong Kong, which ceased when the ISP took action.
Cyware News – Latest Cyber News – Read More
Surge in Magniber Ransomware Attacks Impact Home Users Worldwide
Unlike other ransomware groups targeting businesses, Magniber focuses on individuals. Victims report their devices getting infected after running software cracks. Ransom demands start at $1,000 and escalate to $5,000 if not paid within three days.
Cyware News – Latest Cyber News – Read More
332 Million Email Addresses Scraped from SOCRadar.io Published Online
A hacker known as USDoD claims to have scraped 332 million email addresses from SOCRadar.io, which were later…
Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – Read More