A sophisticated new Android malware strain called GhostSpy has emerged as a significant threat to mobile device security, demonstrating advanced capabilities that allow cybercriminals to achieve complete control over infected smartphones and tablets. This web-based Remote Access Trojan (RAT) employs…
Author: wordpress
Russian Government Hackers Caught Buying Passwords from Cybercriminals
Microsoft flags a new Kremlin hacking team buying stolen usernames and passwords from infostealer markets for use in cyberespionage attacks. The post Russian Government Hackers Caught Buying Passwords from Cybercriminals appeared first on SecurityWeek. This article has been indexed from…
DragonForce Ransomware Leveraged in MSP Attack Using RMM Tool
A targeted cyber-attack on an MSP exploited flaws in remote management tools, resulting in ransomware deployment and data theft This article has been indexed from www.infosecurity-magazine.com Read the original article: DragonForce Ransomware Leveraged in MSP Attack Using RMM Tool
Government Calls on Organizations to Adopt SIEM and SOAR Solutions
In a landmark initiative, international cybersecurity agencies have released a comprehensive series of publications to guide organizations through the implementation and prioritization of Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms. These resources aim…
How to get 2FA codes on your desktop when your phone is MIA
If you have two-factor authentication enabled but don’t have your phone nearby, you can use one of these desktop apps to get your code. This article has been indexed from Latest stories for ZDNET in Security Read the original article:…
Adidas confirms criminals stole data from customer service provider
Hackers take personal data bytes from the brand with three stripes Adidas is warning customers some of their data was stolen after an “unauthorized” person lifted it from a “third-party customer service provider.”… This article has been indexed from The…
Ongoing Campaign Uses 60 NPM Packages to Steal Data
Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information. The post Ongoing Campaign Uses 60 NPM Packages to Steal Data appeared first on SecurityWeek. This article has been indexed…
IT Security News Hourly Summary 2025-05-27 15h : 22 posts
22 posts were published in the last hour 13:4 : May Patch Tuesday From Microsoft Fixed 5 Zero-Days 13:4 : Velvet Chollima APTHackers Target Government Officials Using Weaponized PDFs 13:4 : Iranian Cybergroup Toufan Targets Organizations to Steal Login Credentials…
Hackers Use Fake OneNote Login to Capture Office365 and Outlook Credentials
A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian and U.S. users, utilizing a chain of free cloud platforms and Telegram bots for credential harvesting and data exfiltration. The attack typically begins with a phishing…
Microsoft Alerts on Void Blizzard Hackers Targeting Telecommunications and IT Sectors
Microsoft Threat Intelligence Center (MSTIC) has issued a critical warning about a cluster of global cloud abuse activities orchestrated by a threat actor tracked as Void Blizzard, also known as LAUNDRY BEAR. Assessed with high confidence to be Russia-affiliated, Void…
WordPress TI WooCommerce Wishlist Plugin Flaw Puts Over 100,000 Websites at Risk of Cyberattack
A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a widely used WordPress extension with over 100,000 active installations. This plugin enables WooCommerce store owners to integrate wishlist functionality into their online shops, often alongside other…
Employee Spotlight: Getting to Rolando Panez
Rolando, can you tell us a bit about yourself? I’m a proud father of three beautiful girls. I was born and raised in Florida. I received a master’s degree in electrical engineering at the University of Florida. I worked on…
Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack
The agencies said that the group, which they called Laundry Bear, is actively trying to steal sensitive data from EU and NATO countries and is “extremely likely Russian state supported.” The post Dutch Intelligence Agencies Say Russian Hackers Stole Police…
Vulnerability Summary for the Week of May 19, 2025
High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info AutomationDirect–MB-Gateway The embedded web server lacks authentication and access controls, allowing unrestricted remote access. This could lead to configuration changes, operational disruption, or arbitrary code execution depending on the…
Microsoft, Dutch security agencies lift veil on Laundry Bear cyber espionage group
The Dutch intelligence and security services have identified a new Russia-affiliated threat group that has been breaching government organizations and commercial entities in Europe and North America, and they dubbed it Laundry Bear. “Compared to some other Russian threat actors…
Dussmann: Rekordumsatz und starkes Sicherheitsgeschäft
Wachstum mit Sicherheitskomponente – Dussmann erzielt Rekordumsatz von 3,3 Milliarden Euro und investiert in digitale Sicherheitslösungen. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Dussmann: Rekordumsatz und starkes Sicherheitsgeschäft
APT36 and Sidecopy Hackers Target India’s Critical Infrastructure with Malware Attacks
Seqrite Labs, India’s largest malware analysis facility, has uncovered a sophisticated campaign dubbed Operation Sindoor, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy. Launched on May 7, 2025, this state-sponsored Advanced Persistent Threat (APT) activity, combined with coordinated hacktivist operations,…
Hackers Exploit Craft CMS Vulnerability to Inject Cryptocurrency Miner Malware
Threat actors have exploited a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2025-32432, in the Craft Content Management System (CMS). Discovered by Orange Cyberdefense in mid-February 2025 and publicly disclosed on April 25, 2025, this flaw carries a maximum…
GitLab ‘Vulnerability Highlights the Double-Edged Nature of AI Assistants’
A remote prompt injection flaw in GitLab Duo allowed attackers to steal private source code and inject malicious HTML. GitLab has since patched the issue. This article has been indexed from Security | TechRepublic Read the original article: GitLab ‘Vulnerability…
New Guidance for SIEM and SOAR Implementation
Today, CISA, in collaboration with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other international and U.S. partners, released new guidance for organizations seeking to procure Security Information and Event Management (SIEM) and Security Orchestration, Automation, and…