DPRK Uses Microsoft Zero-Day in No-Click Toast Attacks

/in

The “Code-on-Toast” supply chain cyberattacks by APT37 delivered data-stealing malware to users in South Korea who had enabled Toast pop-up ads.

darkreading – ​Read More

Cyprus Thwarted a Digital Attack Against the Government’s Main Online Portal

/in

Cyprus said that it has successfully thwarted a DDoS attack aimed at blocking access to the government’s central online portal.

The post Cyprus Thwarted a Digital Attack Against the Government’s Main Online Portal appeared first on SecurityWeek.

SecurityWeek – ​Read More

“HM Surf” macOS Flaw Lets Attackers Access Camera and Mic – Patch Now!

/in

Researchers at Microsoft discovered a new macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

The AI edge in cybersecurity: Predictive tools aim to slash response times

/in

AI’s ability to sift through massive amounts of data, identify patterns and constantly learn makes it invaluable in cybersecurity.Read More

Security News | VentureBeat – ​Read More

Mirai-Inspired Gorilla Botnet Hits 0.3 Million Targets Across 100 Countries

/in

A new Gorilla Botnet has launched massive DDoS attacks, targeting over 100 countries, according to cybersecurity firm NSFOCUS.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

/in

Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials.
Russian cybersecurity company Positive Technologies said it discovered last month that an email was sent to an unspecified governmental organization located in one of the Commonwealth of

The Hacker News – ​Read More

North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data

/in

North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks.
“In some instances, fraudulent workers demanded ransom payments from their former employers after gaining

The Hacker News – ​Read More

Hackers Use Fake ESET Emails to Target Israeli Firms with Wiper Malware

/in

Hackers impersonate ESET in phishing attacks targeting Israeli organizations. Malicious emails, claiming to be from ESET, deliver wiper…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

23andMe faces an uncertain future — so does your genetic data 

/in

Financial and security chaos at the once-pioneering genetic testing firm has intensified concerns about user data. Here’s how to take action.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Google Chrome’s uBlock Origin Purge Has Begun

/in

Plus: The alleged SEC X account hacker gets charged, Kroger wriggles out of a face recognition scandal, and Microsoft deals with missing customer security logs.

Security Latest – ​Read More