20751 matches found
Chinese Hackers Distributing SMS Bomber Tool with Malware Hidden Inside
A threat cluster with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in Nim language to strike targets as part of a newly discovered campaign. The novel loader, dubbed Nimbda, is "bundled with a Chinese language greyware 'SMS Bomber'...
Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys
Two trojanized Python and PHP packages have been uncovered in what's yet another instance of a software supply chain attack targeting the open source ecosystem. One of the packages in question is "ctx," a Python module available in the PyPi repository. The other involves "phpass," a PHP package...
Yes, Containers Are Terrific, But Watch the Security Risks
Containers revolutionized the development process, acting as a cornerstone for DevOps initiatives, but containers bring complex security risks that are not always obvious. Organizations that don't mitigate these risks are vulnerable to attack. In this article, we outline how containers contribute...
Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 CVSS score: 6.5, the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote...
SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices
SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access SMA 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1...
Cisco Issues Patches for 3 New Flaws Affecting Enterprise NFVIS Software
Cisco Systems on Wednesday shipped security patches to contain three flaws impacting its Enterprise NFV Infrastructure Software NFVIS that could permit an attacker to fully compromise and take control over the hosts. Tracked as CVE-2022-20777, CVE-2022-20779, and CVE-2022-20780, the vulnerabiliti...
Critical RCE Flaws in 'PHP Everywhere' Plugin Affect Thousands of WordPress Sites
Critical security vulnerabilities have been disclosed in a WordPress plugin known as PHP Everywhere that's used by more than 30,000 websites worldwide and could be abused by an attacker to execute arbitrary code on affected systems. PHP Everywhere is used to flip the switch on PHP code across...
High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites
Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. "This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site,...
Latest Report Uncovers Supply Chain Attacks by North Korean Hackers
Lazarus Group, the advanced persistent threat APT group attributed to the North Korean government, has been observed waging two separate supply chain attack campaigns as a means to gain a foothold into corporate networks and target a wide range of downstream entities. The latest...
Chinese Hackers Implant PlugX Variant on Compromised MS Exchange Servers
A Chinese cyberespionage group known for targeting Southeast Asia leveraged flaws in the Microsoft Exchange Server that came to light earlier this March to deploy a previously undocumented variant of a remote access trojan RAT on compromised systems. Attributing the intrusions to a threat actor...
China's Cyberspies Targeting Southeast Asian Government Entities
A sweeping and "highly active campaign" that originally set its sights on Myanmar has broadened its focus to strike a number of targets located in the Philippines, according to new research. Russian cybersecurity firm Kaspersky, which first spotted the infections in October 2020, attributed them ...
Experts Uncover Malware Attacks Targeting Corporate Networks in Latin America
Cybersecurity researchers on Thursday took the wraps off a new, ongoing espionage campaign targeting corporate networks in Spanish-speaking countries, specifically Venezuela, to spy on its victims. Dubbed "Bandidos" by ESET owing to the use of an upgraded variant of Bandook malware, the primary...
Beware! Connecting to This Wireless Network Can Break Your iPhone's Wi-Fi Feature
A wireless network naming bug has been discovered in Apple's iOS operating system that effectively disables an iPhone's ability to connect to a Wi-Fi network. The issue was spotted by security researcher Carl Schou, who found that the phone's Wi-Fi functionality gets permanently disabled after...
Google Workspace Now Offers Client-side Encryption For Drive and Docs
Google on Monday announced that it's rolling out client-side encryption to Google Workspace formerly G Suite, thereby giving its enterprise customers direct control of encryption keys and the identity service they choose to access those keys. "With client-side encryption, customer data is...
Cybersecurity Webinar: Understanding the 2020 MITRE ATT&CK Results
The release of MITRE Engenuity's Carbanak+Fin7 ATT&CK evaluations every year is a benchmark for the cybersecurity industry. The organization's tests measure how well security vendors can detect and respond to threats and offers an independent metric for customers and security leaders to understan...
[eBook] Why Autonomous XDR Is Going to Replace NGAV/EDR
For most organizations today, endpoint protection is the primary security concern. This is not unreasonable – endpoints tend to be the weakest points in an environment – but it also misses the forest for the trees. As threat surfaces expand, security professionals are harder pressed to detect...
Forcing Self-Service Password Reset (SSPR) Registration to Increase ROI
When your organization invests in a new product or service, it is essential that you take advantage of all the features it has to offer. This will help you to maximize your return on investment ROI. If you have purchased or are thinking about purchasing a self-service password reset SSPR tool, on...
Chinese Hackers Used Facebook to Hack Uighur Muslims Living Abroad
Facebook may be banned in China, but the company on Wednesday said it has disrupted a network of bad actors using its platform to target the Uyghur community and lure them into downloading malicious software that would allow surveillance of their devices. "They targeted activists, journalists and...
Popular Netop Remote Learning Software Found Vulnerable to Hacking
Cybersecurity researchers on Sunday disclosed multiple critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. "These findings allow for elevation of privileges and ultimately...
How to Fight Business Email Compromise (BEC) with Email Authentication?
An ever-evolving and rampant form of cybercrime that targets emails as the potential medium to conduct fraud is known as Business Email Compromise. Targeting commercial, government as well as non-profit organizations, BEC can lead to huge amounts of data loss, security breach, and compromised...
Warning: Cross-Platform ElectroRAT Malware Targeting Cryptocurrency Users
Cybersecurity researchers today revealed a wide-ranging scam targeting cryptocurrency users that began as early as January last year to distribute trojanized applications to install a previously undetected remote access tool on target systems. Called ElectroRAT by Intezer, the RAT is written from...
U.S. Announces Charges Against 2 Russian and 2 Iranian Hackers
Immediately after revealing criminal charges against 5 Chinese and 2 Malaysian hackers, the United States government yesterday also made two separate announcements charging two Iranian and two Russian hackers and added them to the FBI's most-wanted list. The two Russian nationals—Danil Potekhin a...
Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web
In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over...
Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware
An Iranian cyberespionage group known for targeting government, defense technology, military, and diplomacy sectors is now impersonating journalists to approach targets via LinkedIn and WhatsApp and infect their devices with malware. Detailing the new tactics of the "Charming Kitten" APT group,...
Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack
A new research has identified four new variants of HTTP request smuggling attacks that work against various commercial off-the-shelf web servers and HTTP proxy servers. Amit Klein, VP of Security Research at SafeBreach who presented the findings today at the Black Hat security conference, said th...
[Guide] Finding Best Security Outsourcing Alternative for Your Organization
As cyberattacks continue to proliferate in volume and increase in sophistication, many organizations acknowledge that some part of their breach protection must be outsourced, introducing a million-dollar question of what type of service to choose form. Today, Cynet releases the Security Outsourci...
US Govt Warns Critical Industries After Ransomware Hits Gas Pipeline Facility
The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency CISA earlier today issued a warning to all industries operating critical infrastructures about a new ransomware threat that if left unaddressed could have severe consequences. The advisory comes in respons...
Hackers Can Silently Control Your Google Home, Alexa, Siri With Laser Light
A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed 'Light Commands,' the hack relies on a vulnerability i...
Chinese Hackers Compromise Telecom Servers to Spy on SMS Messages
A group of Chinese hackers carrying out political espionage for Beijing has been found targeting telecommunications companies with a new piece of malware designed to spy on text messages sent or received by highly targeted individuals. Dubbed "MessageTap," the backdoor malware is a 64-bit ELF dat...
Google Makes it Tough for Rogue App Developers Get Back on Android Play Store
Even after Google's security oversight over its already-huge Android ecosystem has evolved over the years, malware apps still keep coming back to Google Play Store. Sometimes just reposting an already detected malware app from a newly created Play Store account, or using other developers' existin...
Snapchat Hack — Hacker Leaked Snapchat Source Code On GitHub
The source code of the popular social media app Snapchat was recently surfaced online after a hacker leaked and posted it on the Microsoft-owned code repository GitHub. A GitHub account under the name Khaled Alshehri with the handle i5xx, who claimed to be from Pakistan, created a GitHub reposito...
Another Critical Flaw Found In Drupal Core—Patch Your Sites Immediately
It's time to update your Drupal websites, once again. For the second time within a month, Drupal has been found vulnerable to another critical vulnerability that could allow remote attackers to pull off advanced attacks including cookie theft, keylogging, phishing and identity theft. Discovered b...
WordPress Vulnerability Puts Millions of Websites At Risk
Millions of WordPress websites are at risks of being completely hijacked by the hackers due to a critical cross-site scripting XSS vulnerability present in the default installation of the widely used content management system. The cross-site scripting XSS vulnerability, uncovered by the security...
Samba remote code execution vulnerability, Patch Released !
Samba remote code execution vulnerability, Patch Released ! Samba is an award-winning free software file, print and authentication server suite for Windows clients. The project was begun by Australian Andrew Tridgell. There is a serious remotely exploitable vulnerability in the Samba open-source...
New Atomic macOS Stealer Campaign Exploits ClickFix to Target Apple Users
Cybersecurity researchers are alerting to a new malware campaign that employs the ClickFix social engineering tactic to trick users into downloading an information stealer malware known as Atomic macOS Stealer AMOS on Apple macOS systems. The campaign, according to CloudSEK, has been found to...
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit TRU. Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs...
⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More
Can a harmless click really lead to a full-blown cyberattack? Surprisingly, yes — and that's exactly what we saw in last week's activity. Hackers are getting better at hiding inside everyday actions: opening a file, running a project, or logging in like normal. No loud alerts. No obvious red flag...
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 CVSS score: 9.9, impacts all versions of the plugin before 4.6.13,...
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 CVSS score: 8.5, the vulnerability has been described as an information disclosure bug stemming from a...
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities KEV catalog, following its exploitation in ransomware attacks. The vulnerability, tracked as CVE-2024-23897 CVSS score: 9.8, is a path travers...
China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices
A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal...
Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats
Rockwell Automation is urging its customers to disconnect all industrial control systems ICSs not meant to be connected to the public-facing internet to mitigate unauthorized or malicious cyber activity. The company said it's issuing the advisory due to "heightened geopolitical tensions and...
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, bank...
10 Critical Endpoint Security Tips You Should Know
In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business's digital kingdom. And because of this, endpoints are one of hackers' favorite targets. According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide...
Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact...
Bug or Feature? Hidden Web Application Vulnerabilities Uncovered
Web Application Security consists of a myriad of security controls that ensure that a web application: 1. Functions as expected. 2. Cannot be exploited to operate out of bounds. 3. Cannot initiate operations that it is not supposed to do. Web Applications have become ubiquitous after the expansio...
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their...
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows - CVE-2023-38547 CVSS score: 9.9 - An unspecified flaw that can be leveraged by an unauthenticated user...
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it ...
Trojanized PyCharm Software Version Delivered via Google Search Ads
A new malvertising campaign has been observed capitalizing on a compromised website to promote spurious versions of PyCharm on Google search results by leveraging Dynamic Search Ads. "Unbeknownst to the site owner, one of their ads was automatically created to promote a popular program for Python...