New Cross-Platform Malware ‘Noodle RAT’ Targets Windows and Linux Systems

/in

A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years.
While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said “this backdoor is not merely a variant of existing malware, but is a new type altogether.”

The Hacker News – ​Read More

Rockwell’s ICS Directive Comes As Critical Infrastructure Risk Peaks

/in

Critical infrastructure is facing increasingly disruptive threats to physical processes, while thousands of devices are online with weak authentication and riddled with exploitable bugs.

darkreading – ​Read More

Scores of Biometrics Bugs Emerge, Highlighting Authentication Risks

/in

Face scans stored like passwords inevitably will be compromised, like passwords are. But there’s a crucial difference between the two that organizations can rely on when their manufacturers fail.

darkreading – ​Read More

Cleveland City Hall Shuts Down After Cyber Incident

/in

As city officials continue to investigate, it’s unclear which systems were affected and whether it was a ransomware attack.

darkreading – ​Read More

Ukraine Arrests Cryptor Specialist Aiding Conti and LockBit Ransomware

/in

Ukrainian Police have arrested a ransomware cryptor developer in connection with the notorious Conti and LockBit groups. This arrest was the result of Operation Endgame, a major operation that aims to dismantle key elements of these cybercriminal organizations.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion

/in

A threat actor exploited the Snowflake platform to target organizations for data theft and extortion using compromised credentials. Learn how to protect your business from this threat.

Security | TechRepublic – ​Read More

LockBit & Conti Ransomware Hacker Busted in Ukraine

/in

Accused cybercriminal has special skills that helped Conti and LockBit ransomware evade detection, according to law enforcement.

darkreading – ​Read More

Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation

/in

The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware.

The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek.

SecurityWeek – ​Read More

Black Basta Ransomware Suspected of Exploiting Windows 0-day Before Patch

/in

The cybersecurity researchers at Symantec have found “strong evidence” suggesting that the Black Basta ransomware gang exploited a critical Windows vulnerability (CVE-2024-26169) before it was patched by Microsoft on March 12, 2024, through its regular Patch Tuesday updates.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

TellYouthePass Ransomware Group Exploits Critical PHP Flaw

/in

An RCE vulnerability that affects the Web scripting language on Windows systems is easy to exploit and can provide a broad attack surface.

darkreading – ​Read More