Newly Identified BITSLOTH Backdoor Uses Novel C2 Communication Channel

A new Windows backdoor named BITSLOTH has been discovered by cybersecurity researchers. This malware exploits the Background Intelligent Transfer Service (BITS) for stealthy communication, making it difficult to detect.

Cyware News – Latest Cyber News – ​Read More

Russian Threat Actors Hijacked Over 30,000 Domains in Sitting Ducks Attacks

This attack method takes advantage of vulnerabilities at the registrar level and lax ownership verification at DNS providers. Research has shown that over a million domains could be vulnerable to this type of attack daily.

Ongoing DEV#POPPER Malware Campaign Expands Targeting

The attackers, posing as interviewers, urge candidates to download a ZIP file containing malware. The campaign has targeted victims in South Korea, North America, Europe, and the Middle East.

Cisco Investments Backs Anti-Ransomware Firm Halcyon

Cisco Investments has invested in Halcyon, an anti-ransomware company, to enhance its platform and reduce ransomware risks to zero. The investment amount remains undisclosed, but Halcyon has raised a total of $90 million so far.

Fighting Ursa Luring Targets With Car for Sale

APT28, a Russia-linked threat actor (also known as Fighting Ursa, Fancy Bear, and Sofacy), has been identified in a campaign, active since March 2024, that uses a car sale phishing lure to deliver the HeadLace Windows backdoor to diplomats.

Increased Botnet Activity Against Apache OFBiz Exploiting CVE-2024-32113

The open-source ERP framework OFBiz is being targeted by the Mirai botnet due to a critical directory traversal vulnerability that allows for remote command execution. The vulnerability, which affects versions before 18.12.13, was patched in May.

New Tech, Personnel Will Help CISA with Coming Rush of Cyber Incident Reports

CISA is working to comply with the Cyber Incident Reporting for Critical Infrastructure Act of 2022, which requires critical infrastructure providers to report cybersecurity incidents and ransomware attacks within specific timeframes.

Critical Infrastructure Group Launches Effort to Aid Federal Agencies’ Cyber Defenses

The Center for Federal Civilian Executive Branch Resilience, launched by the Institute for Critical Infrastructure Technology, aims to enhance standards and procedures for protecting government agencies from cybercriminals and nation-state hackers.

New NSA AI-powered Tool Would Help Industry Optimize Cyber Defense Testing

The Autonomous Penetration Testing platform would replace much of the laborious, manual process of such testing, in which organizations use vulnerability scanning tools and other methods to measure the robustness of their cyber defenses against hackers.

Threat Actor Abuses Trial Feature for Cloudflare Tunnels to Deliver RATs

Hackers are exploiting the free TryCloudflare service to distribute remote access trojans (RATs) like AsyncRAT, GuLoader, and Remcos RAT. This activity was first detected in February and has been linked to campaigns targeting various industries.
