Diplomatic entities in Kazakhstan and Central Asia have been targeted by UAC-0063 using weaponized Word docs deploying HATVIBE malware
189 search results for "malware"
Exploits, Global Security News, Security
Fake LDAPNightmare exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. […]
Global Security News, Security
Docker Desktop blocked on Macs due to false malware alert
Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. […]
Encryption, Malware, Phishing, Exploits, Global Security News
Malware targets Mac users by using Apple’s security tool
A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm. A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram,…
Asia Pacific, Global Security News
RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns
Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024. “The group used lure documents themed around the 2024 Taiwanese presidential candidate Terry Gou, the Vietnamese National Holiday, flood protection in Mongolia, and meeting invitations,…
Global Security News
Banshee 2.0 Malware Steals Apple’s Encryption to Hide on Macs
The most recent iteration of the open source infostealer skates by antivirus programs on Macs, using an encryption mechanism stolen from Apple’s own antivirus product.
Global Security News
Top 5 Malware Threats to Prepare Against in 2025
2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5…
Global Security News
FireScam Android Malware Poses as Telegram Premium to Steal Data and Control Devices
An Android information stealing malware named FireScam has been found masquerading as a premium version of the Telegram messaging app to steal data and maintain persistent remote control over compromised devices. “Disguised as a fake ‘Telegram Premium’ app, it is distributed through a GitHub.io-hosted phishing site that impersonates RuStore – a popular app store in…
Global Security News, Mobile, Security
New FireScam Android malware poses as RuStore app to steal data
A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimic RuStore, Russia’s app market for mobile devices. […]
Global Security News
Global Campaign Targets PlugX Malware with Innovative Portal
Sekoia’s innovative PlugX malware disinfection campaign removed active threats across ten countries
Malware Reversing
Here’s a list of some of the best malware reversing tools from Geek-Guy.com:
Global Security News, Security
Malware botnets exploit outdated D-Link routers in recent attacks
Two botnets tracked as ‘Ficora’ and ‘Capsaicin’ have recorded increased activity in targeting D-Link routers that have reached end of life or are running outdated firmware versions. […]
Global Security News
North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign
North Korean threat actors behind the ongoing Contagious Interview campaign have been observed dropping a new JavaScript malware called OtterCookie. Contagious Interview (aka DeceptiveDevelopment) refers to a persistent attack campaign that employs social engineering lures, with the hacking crew often posing as recruiters to trick individuals looking for potential job opportunities into
Exploits, Global Security News
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting “several dozen users” in 2024. “Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code,”…
CryptoCurrency, Global Security News, Security
New ‘OtterCookie’ malware used to backdoor devs in fake job offers
North Korean threat actors are using new malware called OtterCookie in the Contagious Interview campaign that is targeting software developers. […]
Global Security News
Iran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware
The Iranian nation-state hacking group known as Charming Kitten has been observed deploying a C++ variant of a known malware called BellaCiao. Russian cybersecurity company Kaspersky, which dubbed the new version BellaCPP, said it discovered the artifact as part of a “recent” investigation into a compromised machine in Asia that was also infected with the…
Global Security News
Cryptomining Malware Found in Popular Open Source Packages
Cryptomining malware hits popular npm packages rspack and vant, posing risks to open source tools
Global Security News
AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Cases
Cybersecurity researchers have found that it’s possible to use large language models (LLMs) to generate new variants of malicious JavaScript code at scale in a manner that can better evade detection. “Although LLMs struggle to create malware from scratch, criminals can easily use them to rewrite or obfuscate existing malware, making it harder to detect,”…
Global Security News
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People’s Republic of Korea (DPRK), has been observed leveraging a “complex infection chain” targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular…
Global Security News
Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm…
Global Security News
OT/ICS Engineering Workstations Face Barrage of Fresh Malware
Cyberattacks against OT/ICS engineering workstations are widely underestimated, according to researchers who discovered malware designed to shut down Siemens workstation engineering processes.
Global Security News, Hardware, Security
BadBox malware botnet infects 192,000 Android devices despite disruption
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. […]
Global Security News, Security
Android malware found on Amazon Appstore disguised as health app
A malicious Android spyware application named ‘BMI CalculationVsn’ was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. […]
Global Security News
New Malware Can Kill Engineering Processes in ICS Environments
Forescout identified a new type of malware capable of terminating engineering processes, used to target Siemens engineering workstations
Global Security News
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to…
Global Security News, Security
Raccoon Stealer malware operator gets 5 years in prison after guilty plea
Ukrainian national Mark Sokolovsky was sentenced today to five years in prison for his involvement in the Raccoon Stealer malware cybercrime operation. […]
Global Security News, Security
‘Bitter’ cyberspies target defense orgs with new MiyaRAT malware
A cyberespionage threat group known as ‘Bitter’ was observed targeting defense organizations in Turkey using a novel malware family named MiyaRAT. […]
Global Security News
Sophisticated TA397 Malware Targets Turkish Defense Sector
Sophisticated phishing attack targeting Turkey’s defense sector revealed TA397’s advanced tactics
Global Security News
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware
A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said.…
Global Security News
Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT. “The attack chain used alternate data streams in a RAR archive to deliver a shortcut (LNK) file that created a scheduled task on the target…
Global Security News
Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection
Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks,” Morphisec researcher Nadav Lorber said in a technical report published Monday. The attacks make use of fake…
Global Security News
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007,” Kaspersky researchers Georgy Kucherin and Marc…
Global Security News, Security
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. […]
Global Security News, North America
New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked…
Global Security News
Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action
Germany’s Federal Office of Information Security (BSI) has announced that it has disrupted a malware operation called BADBOX that came preloaded on at least 30,000 internet-connected devices sold across the country. In a statement published earlier this week, authorities said they severed the communications between the devices and their command-and-control (C2) servers by sinkholing the…
Global Security News, Hardware, Security
Germany sinkholes BadBox malware pre-loaded on Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. […]
Global Security News, Hardware, Security
Germany blocks BadBox malware loaded on 30,000 Android devices
Germany’s Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. […]
Global Security News, North America
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras,…
Global Security News
Researchers Discover Malware Used by Nation-States to Attack Industrial Systems
IOCONTROL, a custom-built IoT/OT malware, was used by Iran-affiliated groups to attack Israel- and US-based OT/IoT devices, according to Claroty
Global Security News, linux, Security
New stealthy Pumakit Linux rootkit malware spotted in the wild
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. […]
Global Security News, North America, Security
New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. […]
Global Security News
Remcos RAT Malware Evolves with New Techniques
Cyber-attacks involving Remcos RAT surged in Q3 2024, enabling attackers to control victim machines remotely, steal data and carry out espionage
Global Security News
Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom…
Global Security News
Secret Blizzard Targets Ukrainian Military with Custom Malware
Microsoft detailed how Russian espionage group Secret Blizzard is leveraging infrastructure of other threat actors to target the Ukrainian military with custom malware
Uncategorized
New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools
A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. “To exploit this technique, a user must be convinced to run a program that uses UI Automation,” Akamai security researcher Tomer Peled said in a…
Uncategorized
ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms
Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. “Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an…
Global Security News
Ongoing Phishing and Malware Campaigns in December 2024
Cyber attackers never stop inventing new ways to compromise their targets. That’s why organizations must stay updated on the latest threats. Here’s a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before they reach you. Zero-day Attack: Corrupted Malicious Files Evade Detection by Most Security…
Global Security News
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
The threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2024 that’s designed to drop the Visual Basic Script malware, Recorded Future’s Insikt Group…
Global Security News
Malware analysis report on SparrowDoor malware
A technical analysis of a new variant of the SparrowDoor malware.
GeekGuyBlog
The Importance of Zero Trust Security in Protecting Against Advanced Cybersecurity Threats
APT28, Europe, Fancy Bear, Global Security News, GRU, Kazakhstan, Russia, Sekoia, Threats
Fancy Bear spotted using real Kazak government documents in spearphishing campaign
A hacking group linked to Russian intelligence has been observed leveraging seemingly legitimate documents from the Kazakhstan government as phishing lures to infect and spy on government officials in Central Asia, according to researchers at Sekoia. The files, laced with malware, include draft versions of diplomatic statements, correspondence letters, internal administrative notes and other documents…
Global Security News
Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw
The security vulnerability tracked as CVE-2024-50603, which rates 10 out of 10 on the CVSS scale, enables unauthenticated remote code execution on affected systems, which cyberattackers are using to plant malware.
Global Security News, Have I Been Pwned
Experimenting with Stealer Logs in Have I Been Pwned
TL;DR — Email addresses in stealer logs can now be queried in HIBP to discover which websites they’ve had credentials exposed against. Individuals can see this by verifying their address using the notification service and organisations monitoring domains can pull a list back via a new API. Nasty stuff, stealer logs. I’ve written about them and…
Global Security News, Malware, Security, Technology Industry
Hotel chain ditches Google search for DuckDuckGo — ‘subjected to fraud attempts daily’
At the end of 2021, Nordic Choice Hotels, now renamed Strawberry, was hit by a major ransomware attack that paralyzed operations for just over a week. Everything had to be done manually, says Martin Belak, who is responsible for the hotel chain’s technical security. “The receptionists worked with whiteboards to keep track of which rooms…
Global Security News
Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results
Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar.
Exploits, Global Security News, privacy roundup, Security Bloggers Network
Privacy Roundup: Week 2 of Year 2025
This is a news item roundup of privacy or privacy-related news items for 5 JAN 2025 – 11 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Artificial Intelligence, Global Security News
Security flaws put DNA sequencers at risk
Security researchers have found that a DNA sequencing device is missing important security features. The iSeq 100 DNA sequencer from Illumina is used by medical laboratories around the world for…
Global Security News
New Ransomware Group Uses AI to Develop Nefarious Tools
Researchers at Check Point said FunkSec operators appear to use AI for malware development
Global Security News
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the content management system (CMS). “This credit card skimmer malware targeting WordPress websites silently injects malicious JavaScript into database entries to steal sensitive payment
Global Security News, Phishing, Security Practices, Social Engineering
What is social engineering?
Cybercriminals use social engineering techniques to manipulate the human psyche. Read how this works and how you can protect yourself. Even if you pull out all the stops in securing your data center, your cloud deployments and the physical security of your company building, with the help of social engineering savvy cybercriminals usually find a way to … these measures…
GeekGuyBlog
Understanding Zero Trust Security in the World of Cybersecurity
When it comes to cybersecurity, the landscape is constantly evolving. With advanced threats and the latest security exploits becoming more sophisticated, it is crucial for organizations to stay ahead of the game. One approach that is gaining traction in the cybersecurity world is the concept of zero trust security. Zero trust security is a security…
GeekGuyBlog
Enhancing Security with Advanced Threat Protection and Zero Trust Security
As technology continues to advance, so do the threats to our online security. Cybersecurity is a critical issue that affects individuals, businesses, and governments alike. In order to protect against the latest security exploits and advanced threats, it is essential to implement a comprehensive security strategy that includes elements such as zero trust security, authentication,…
GeekGuyBlog
The Importance of Zero Trust Security in Today’s Cyber World
In today’s digital age, where advanced threats and the latest security exploits are constantly evolving, the need for robust cybersecurity measures has never been more crucial. One approach that has gained traction in recent years is the concept of zero trust security. Zero trust security is based on the principle of never trusting, always verifying.…
GeekGuyBlog
Strengthen Your Cybersecurity Defense with Advanced Security Measures
As technology continues to advance rapidly, the threat landscape in the digital world has become increasingly sophisticated. Organizations of all sizes are facing advanced threats that can compromise their sensitive data and disrupt their operations. In order to protect against these threats, it is crucial to implement robust cybersecurity measures that can help mitigate the…
Exploits, Global Security News, Security
2025 Cybersecurity and AI Predictions
The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
Global Security News
Fake CrowdStrike ‘Job Interviews’ Become Latest Hacker Tactic
Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link.
attack surface, Commentary, Exploits, Global Security News, security theater
What is ‘security theater’ and how can we move beyond it?
Conventional wisdom assumes that the more vulnerabilities a security tool flags, the easier it will be for a company to secure its infrastructure. In theory, layering more tools into a tech stack should equal more effective attack surface monitoring, right? Well, reality isn’t quite panning out like that. If anything, tool sprawl has created an…
Cyberattacks, Malware, Exploits, Global Security News
Legitimate PoC exploited to spread information stealer
A recently copied and abused open source proof of concept (PoC) exploit from a reputable security company, aimed at helping threat researchers, is the latest example of the novel tactics hackers will use to spread malware. PoCs for known vulnerabilities are created to be shared by students, researchers, and IT pros to improve software and…
Exploits, Global Security News, Malware, Vulnerabilities, Zero-day vulnerability
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks,…
CAPTCHA, CAPTCHA alternative, captcha scam, Cybersecurity, fake captcha, Featured Blog Post, Global Security News, Security Bloggers Network, Uncategorized
Fake CAPTCHA Scams: Ruining Consumer Trust and Driving Website Abandonment
CAPTCHAs frustrate users, fail to stop sophisticated bots, and now pose a serious malware risk. The post Fake CAPTCHA Scams: Ruining Consumer Trust and Driving Website Abandonment appeared first on Security Boulevard.
Global Security News, Security
Banshee stealer evades detection using Apple XProtect encryption algo
A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple’s XProtect. […]
Botnets, DDoS, Exploits, Global Security News
New Mirai botnet targets industrial routers
According to security analysis, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 to attack previously unknown vulnerabilities. The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices. Experts from VulnCheck reported at the end…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), exploit, Exploits, Global Security News, ivanti, malware, Mandiant, SPAWN, UNC5221, UNC5337, vulnerabilities, zero days
New zero-day exploit targets Ivanti VPN product
A year after a series of vulnerabilities impacting a pair of Ivanti VPN products prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency to federal agencies, the Utah-based software firm is again experiencing issues with one of its signature systems. The company on Wednesday disclosed two vulnerabilities — CVE-2025-0282 and CVE-2025-0283 — that…
Exploits, Global Security News, Security
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. […]
Global Security News
New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption
Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. “Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new analysis shared with The Hacker News. “This development allows it…
Cyberattacks, Security, Vulnerabilities, Exploits, Global Security News
China-linked hackers target Japan’s national security and high-tech industries
Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China. The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security…
Global Security News
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions
Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection. The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom in…
Artificial Intelligence, Exploits, Global Security News
New Mirai botnet targets industrial routers
The Gayfemboy botnet is based on the Mirai malware and targets industrial routers around the world. According to security analyses, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 in order to … previously unknown…
Enterprise Buyer’s Guides, Incident Response, Unified Threat Management, Global Security News
SOAR buyer’s guide: 11 security orchestration, automation, and response products — and how to choose
Security orchestration, automation, and response (SOAR) has undergone a major transformation in the past few years. Features in each of the words in its description that were once exclusive to SOAR have bled into other tools. For example, responses can be found now in endpoint detection and response (EDR) tools. Orchestration is now a joint…
Cyberattacks, Data Breach, Global Security News
UN agency’s job application database breached, 42,000 records stolen
The International Civil Aviation Organization (ICAO) on Tuesday said that it is “actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations,” and has initially concluded that “approximately 42,000 recruitment application data records from April 2016 to July 2024” were stolen. In its initial statement,…
Exploits, Global Security News, Medical Devices, Supply Chain, Vulnerabilities
DNA sequencer vulnerabilities signal firmware issues across medical device industry
In highlighting vulnerabilities in a widely used DNA gene sequencing device, security researchers have brought further attention to the likely poor state of security in the medical device industry, where hardware and firmware development is often outsourced to external equipment manufacturers under questionable support contracts. The device, Illumina’s iSeq 100 compact DNA sequencer, is used…
Exploits, Global Security News, Security
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]
business, channel, Global IT News, Global Security News, News and Trends, services, US Channel News
MacPaw Announces Expansion of CleanMyMac Tech for SMBs
Leading macOS and iOS software producer MacPaw has announced the launch of CleanMyMac Business, which will extend its CleanMyMac technology to small and medium-sized businesses (SMBs) and managed service providers (MSPs). Simplifying Mac maintenance for partners and businesses The new software will simplify Mac fleet maintenance for organizations, complementing commonly used mobile device management (MDM)…
Global Security News
Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques
Cybersecurity researchers have shed light on a new remote access trojan called NonEuclid that allows bad actors to remotely control compromised Windows systems. “The NonEuclid remote access trojan (RAT), developed in C#, is a highly sophisticated malware offering unauthorised remote access with advanced evasion techniques,” Cyfirma said in a technical analysis published last week. “It…
Global IT News, Global Security News
Infoblox Threat Intel research sheds light on the use of spoofed domains in malicious spam campaigns
GUEST RESEARCH: Infoblox Threat Intel researchers have discovered new insights into the use of spoofed domains in modern malicious spam (malspam) campaigns, sending unsolicited emails that contain harmful attachments or links designed to infect the recipient’s computer with malware or to steal sensitive information. This reveals how threat actors exploit domain spoofing and how pervasive…
800-275-2273, A Little Sunshine, Allison Nixon, Aristotle, autodoxers, Coinbase, Crypto Chameleon, discord, domaintools, Emerging Tech, Global Security News, Latest Warnings, Lookout, Mark Cuban, Okta, Perm, Shark Tank, Star Fraud, Stotle, Telegram, The Coming Storm, Trezor, Unit 221B, voice phishing, Web Fraud 2.0
A Day in the Life of a Prolific Voice Phishing Crew
Besieged by scammers seeking to phish user accounts over the telephone, Apple and Google frequently caution that they will never reach out unbidden to users this way. However, new details about the internal operations of a prolific voice phishing gang show the group routinely abuses legitimate services at Apple and Google to force a variety…
Emerging Tech, Global Security News, Security Bloggers Network
Agents, Robotics, and Auth – Oh My! | Impart Security
Agents, Robotics, and Auth – Oh My! Introduction 2025 will be the year of the futurist. I never thought that I’d be writing a blog post about AI and robotics at this point in my career, but technology has advanced so much in the last 12 months setting up 2025 to be a landmark year…
Global Security News
PhishWP Plug-in Hijacks WordPress E-Commerce Checkouts
The malware, found on a Russian cybercriminal site, impersonates e-commerce payment-processing services such as Stripe to steal user payment data from legitimate websites.
Cyberattacks, Security, Emerging Tech, Global Security News
CyTwist Launches Advanced Security Solution to identify AI-Driven Cyber Threats in minutes
CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware. The cybersecurity landscape is evolving as attackers harness the power of artificial intelligence (AI) to develop advanced and evasive threats. The rise of AI-generated malware and AI-enhanced cyberattacks has escalated the threat…
Exploits, Global Security News
Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard
Global IT News, Global Security News
Cybersecurity trends predictions for government agencies: Public Sector technology chief
Ransomware and wiper malware will continue to evolve and wreak havoc across government agencies, according to 2025 government cybersecurity trend predictions from security company Rubrik.
Global Security News
New EAGERBEE Variant Targets ISPs and Governments with Advanced Backdoor Capabilities
Internet service providers (ISPs) and governmental entities in the Middle East have been targeted using an updated variant of the EAGERBEE malware framework. The new variant of EAGERBEE (aka Thumtais) comes fitted with various components that allow the backdoor to deploy additional payloads, enumerate file systems, and execute command shells, demonstrating a significant evolution. “The…
Exploits, Generative AI, Penetration Testing, Security, Threat and Vulnerability Management, Vulnerabilities, Global Security News
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Generative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise. Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and…
Global Security News
FireScam Android Spyware Campaign Poses ‘Significant Threat Worldwide’
A fake Telegram Premium app delivers information-stealing malware, in a prime example of the rising threat of adversaries leveraging everyday applications, researchers say.
Asia Pacific, Global Security News
EagerBee Backdoor Takes Flight Against Mideast ISPs, Government Targets
The malware, operated by China-backed cyberattackers, has been significantly fortified with new evasive and post-infection capabilities.
Global Security News, Security
Eagerbee backdoor deployed against Middle Eastern govt orgs, ISPs
New variants of the Eagerbee malware framework are being deployed against government organizations and internet service providers (ISPs) in the Middle East. […]
Global Security News
New Infostealer Campaign Uses Discord Videogame Lure
Threat actors are tricking victims into downloading malware with the promise of testing a new videogame.
Cloud Security, Global Security News
7 fundamental cloud threats
This article helps prevent insecurity in cloud environments. For every company that relies on the cloud to deliver services, cybersecurity is at the top of the priority list. However, users generally find out quickly that this is easier said than done. At least when data and corporate assets across the entire online infrastructure…
Exploits, Global Security News, privacy roundup, Security Bloggers Network
Privacy Roundup: Week 1 of Year 2025
This is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…