The malware’s obfuscation and custom code suggest mature threat actors, but the inclusion of childish elements complicates attribution, making it difficult to determine the exact nature of the operation.
Cyware News – Latest Cyber News – Read More
The vulnerabilities, tracked as CVE-2023-846805 and CVE-2024-21887, were used in an attack last month to steal configuration data, modify files, and gain unauthorized access to systems.
Cyware News – Latest Cyber News – Read More
Atomic Stealer, a popular malware among criminals, has recently been updated with payload encryption to evade detection and has been distributed through malvertising campaigns and cracked software.
Cyware News – Latest Cyber News – Read More
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system.
Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file upload bug residing in the web-based management interface and is the result of a lack of authentication in a specific
The Hacker News – Read More
The adversary is exploiting two known misconfigurations in the big data technologies to drop a Monero cryptominer.
darkreading – Read More
Consumer electronics manufacturers are innovating fast. Regulators are slow to keep up. Data privacy is in the balance.
darkreading – Read More
The compromise of Mandiant’s X (formerly Twitter) account last week was likely the result of a “brute-force password attack,” attributing the hack to a drainer-as-a-service (DaaS) group.
“Normally, [two-factor authentication] would have mitigated this, but due to some team transitions and a change in X’s 2FA policy, we were not adequately protected,” the threat intelligence firm said
The Hacker News – Read More
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers.
Cybersecurity firm Volexity, which identified the activity on the network of one of its customers in the second week of December 2023, attributed it to a hacking group it tracks under the name UTA0178
The Hacker News – Read More
While its small server suite may be a dealbreaker, Mullvad VPN’s strong focus on privacy sets it apart from other VPNs on the market. Read more below.
Security | TechRepublic – Read More