Broadcom Merges Symantec and Carbon Black Into New Business Unit

Fresh off its $69 billion acquisition of VMware, Broadcom creates an Enterprise Security Group unit that merges Symantec and Carbon Black.

The post Broadcom Merges Symantec and Carbon Black Into New Business Unit appeared first on SecurityWeek.

SecurityWeek – ​Read More

BianLian Group Exploits JetBrains TeamCity Bugs in Ransomware Attacks

The BianLian ransomware group exploited vulnerabilities in JetBrains TeamCity software to gain initial access to target environments. The group attempted to execute a custom GO backdoor but switched to LotL and utilized a PowerShell backdoor instead.

Cyware News – Latest Cyber News – ​Read More

Fake Leather Wallet App on Apple App Store is a Crypto Drainer

The developers of the Leather cryptocurrency wallet have issued a warning about a counterfeit app on the Apple App Store. This fake app has led to users reporting that it drains their wallets and steals their digital assets.

Cyware News – Latest Cyber News – ​Read More

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that’s propagated via phishing emails bearing PDF attachments.
“This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware,” Fortinet FortiGuard Labs researcher Cara Lin said.
The attack chain involves the use of

The Hacker News – ​Read More

Iran-Linked ‘Lord Nemesis’ Group Appears Intent on Intimidating Israeli Organizations, Report Says

An Iranian state-backed hacking group, known as Lord Nemesis, targeted an Israeli academic administration software company called Rashim Software. The attackers used their access to infiltrate several of the company’s clients.

Cyware News – Latest Cyber News – ​Read More

How Not to Become the Target of the Next Microsoft Hack

The alarming number of cyber threats targeting Microsoft cloud applications shows cybersecurity needs an overhaul.

darkreading – ​Read More

CISA Forced to Take Two Systems Offline Last Month After Ivanti Compromise

The breach was limited to two systems, the Infrastructure Protection (IP) Gateway and the Chemical Security Assessment Tool (CSAT), which house critical information about U.S. infrastructure interdependency and private sector chemical security plans.

Cyware News – Latest Cyber News – ​Read More

Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks

150,000 systems possibly impacted by the recent Fortinet vulnerability ​​CVE-2024-21762, but there is still no evidence of widespread exploitation. 

The post Possibly Exploited Fortinet Flaw Impacts Many Systems, but No Signs of Mass Attacks appeared first on SecurityWeek.

SecurityWeek – ​Read More

Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities

The financially motivated threat actor Magnet Goblin is targeting one-day vulnerabilities to deploy Nerbian malware on Linux systems.

The post Magnet Goblin Delivers Linux Malware Using One-Day Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

New Golang-based Planet Stealer Emerges in Underground Forums

Planet Stealer is a Go-based information-stealing trojan that targets sensitive information from victim hosts. The trojan’s capabilities include browser information theft, cryptocurrency wallet theft, and sandbox evasion.

Cyware News – Latest Cyber News – ​Read More