Researchers have unveiled a sophisticated new technique that allows attackers to bypass traditional Antivirus (AV) and Endpoint Detection and Response (EDR) solutions. By exploiting how these defensive tools analyze command-line arguments—a core method of detecting suspicious activity—malicious actors can now…
Category: EN
RDP and MS Office Vulnerabilities Abused by Kimusky in Targeted Intrusions
The AhnLab SEcurity intelligence Center (ASEC) has released a detailed analysis of a sophisticated cyber campaign dubbed “Larva-24005,” linked to the notorious North Korean hacking group Kimsuky. This operation has been targeting critical sectors in South Korea, including software, energy,…
New sophisticate malware SuperCard X targets Androids via NFC relay attacks
‘SuperCard X’ – a new MaaS – targets Androids via NFC relay attacks, enabling fraudulent POS and ATM transactions with stolen card data. Cleafy researchers discovered a new malware-as-a-service (MaaS) called SuperCard X targeting Android devices with NFC relay attacks…
Don’t Lock Up Peanut Butter in Fort Knox: The Smart Approach to Data Classification
Exploring the implementation of a data classification model in order to enable a data-driven approach to managing risk and cost. The post Don’t Lock Up Peanut Butter in Fort Knox: The Smart Approach to Data Classification appeared first on Security…
It’s 2025… so why are obviously malicious advertising URLs still going strong?, (Mon, Apr 21st)
While the old adage stating that “the human factor is the weakest link in the cyber security chain†will undoubtedly stay relevant in the near (and possibly far) future, the truth is that the tech industry could – and should…
Linux 6.15-rc3 Released With Key Kernel Bug Fixes
Linus Torvalds announced the release of Linux 6.15-rc3, delivering a fresh batch of bug fixes and minor adjustments to the ever-evolving Linux kernel. As is customary, the release candidate comes right on schedule, arriving just after the weekend—this time, coinciding…
Hackers Bypassed Gmail’s Security Filters Bypassed for Sophisticated Phishing Attacks
A highly sophisticated phishing attack exploiting vulnerabilities in Google’s OAuth system has been identified. The attack, which successfully bypasses Gmail’s security filters, appears legitimate to users as it originates from authentic Google domains and passes all standard security checks, including…
Chinese Hackers Employ New Reverse SSH Tool to Attack Organizations
A sophisticated Chinese hacking group known as Billbug (also tracked as Lotus Blossom, Lotus Panda, and Bronze Elgin) has intensified its espionage campaign across Southeast Asia, employing a new custom Reverse SSH Tool to compromise high-value targets. This group, active…
Kimusky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks
A sophisticated Advanced Persistent Threat (APT) operation named Larva-24005, linked to the notorious Kimsuky threat group, has been discovered actively exploiting critical vulnerabilities in Remote Desktop Protocol (RDP) and Microsoft Office applications to compromise systems across multiple sectors and countries.…
Security Tools: First, They’re Good, Then They’re Bad
Security tools can also be vulnerable and so cybersecurity teams must put a premium on ensuring tools are used as intended for defense. The post Security Tools: First, They’re Good, Then They’re Bad appeared first on Security Boulevard. This article…
Hackers Abuse Zoom’s Remote Control to Access Users’ Computers
A newly uncovered hacking campaign is targeting business leaders and cryptocurrency firms by abusing Zoom’s remote control feature, allowing attackers to take over victims’ computers with a single click. The sophisticated operation, attributed to a threat group known as ELUSIVE…
Russian Hackers Target European Diplomats with ‘Wine-Tasting’ Phishing Scams
A Russian state-linked hacking group is ramping up its cyberattacks against diplomatic targets across Europe, using a new stealthy malware tool known as “GrapeLoader” to deliver malicious payloads through cleverly disguised phishing emails. According to Check Point Research, the campaign…
Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware
Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. Check Point Research team reported that Russia-linked cyberespionage group APT29 (aka SVR group, Cozy Bear, Nobelium, BlueBravo, Midnight Blizzard, and The Dukes) is behind a sophisticated phishing campaign targeting European diplomatic…
Phishing attacks leveraging HTML code inside SVG files
Attackers are increasingly sending phishing emails with SVG attachments that contain embedded HTML pages or JavaScript code. This article has been indexed from Securelist Read the original article: Phishing attacks leveraging HTML code inside SVG files
Oracle releases Unbreakable Enterprise Kernel 8 (UEK 8)
Oracle has released version 8 of its Unbreakable Enterprise Kernel (UEK), a custom Linux kernel built for Oracle Linux. UEK 8 includes updates to memory management, better file system support, faster networking, and improvements for specific hardware platforms. It also…
Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery
Cybersecurity researchers have disclosed a surge in “mass scanning, credential brute-forcing, and exploitation attempts” originating from IP addresses associated with a Russian bulletproof hosting service provider named Proton66. The activity, detected since January 8, 2025, targeted organizations worldwide, according to…
Google To Appeal Portions Of Ad Monopoly Ruling
Google says it will appeal ‘adverse’ portions of ruling that found its ad business is illegal monopoly, says decision was ‘mixed’ This article has been indexed from Silicon UK Read the original article: Google To Appeal Portions Of Ad Monopoly…
Speedify VPN Vulnerability on macOS Exposes Users to System Takeover
A major security flaw in the Speedify VPN application for macOS, tracked as CVE-2025-25364, has exposed millions of users to the risk of complete system compromise. Researchers at SecureLayer7 discovered the vulnerability in Speedify’s privileged helper tool. It could potentially allow…
A week in security (April 12 – April 18)
A list of topics we covered in the week of April 12 to April 18 of 2025 This article has been indexed from Malwarebytes Read the original article: A week in security (April 12 – April 18)
Microsoft Entra lockouts, wine tasting malware, job scam solution
Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client…