Researchers Uncover Lazarus Group Admin Layer for C2 Servers

/in

The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command and control servers from Pyongyang.

darkreading – ​Read More

Hackers are hijacking WordPress sites to push Windows and Mac malware

/in

A cybersecurity company says hackers are pushing Mac and Windows malware through sites that are using outdated versions of WordPress.

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

DeepSeek Chatbot Beats OpenAI on App Store Leaderboard

/in

The Chinese firm said training the model cost just $5.6 million. Alibaba Cloud followed with a new generative AI model, while Microsoft alleges DeepSeek ‘distilled’ OpenAI’s work.

Security | TechRepublic – ​Read More

South Africa’s government-run weather service knocked offline by cyberattack

/in

The government-run South African Weather Service (SAWS) said its systems went down “following a security breach by criminal elements.”

The Record from Recorded Future News – ​Read More

FBI Seizes Leading Hacking Forums Cracked.to and Nulled.to

/in

Nulled.to and Cracked.to, major hacking forums, appear seized by the FBI as DNS records point to FBI servers.…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

OpenAI tailored ChatGPT Gov for government use – here’s what that means

/in

ChatGPT will be making its way to federal, state, and local agencies. The new version comes with benefits – and concerns.

Latest stories for ZDNET in Security – ​Read More

Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers

/in

VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.

darkreading – ​Read More

Observo’s AI-native data pipelines cut noisy telemetry by 70%, strengthening enterprise security 

/in

VentureBeat/Ideogram

The reduction in noisy, unstructured telemetry data by Observo can cut enterprise observability costs by up to 50%.Read More

Security News | VentureBeat – ​Read More

Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks

/in

The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of their campaigns.
“Each C2 server hosted a web-based administrative platform, built with a React application and a Node.js API,” SecurityScorecard’s

The Hacker News – ​Read More

Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws

/in

Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.

darkreading – ​Read More