In a resurgence since May 2024, the Black Basta ransomware campaign has exhibited a troubling escalation in its attack methods, incorporating a multi-stage infection chain that blends social engineering, a custom packer, a mix of malware payloads, and advanced delivery…
Category: EN
Hackers Target Android Users via WhatsApp to Steal Sensitive Data
Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information. Although the target’s precise location and nature have not been disclosed,…
Mauri Ransomware Leverages Apache ActiveMQ Vulnerability to Deploy CoinMiners
The Apache ActiveMQ server is vulnerable to remote code execution (CVE-2023-46604), where attackers can exploit this vulnerability by manipulating serialized class types in the OpenWire protocol to load malicious class configurations from external sources. Successful exploitation allows attackers to execute…
New Meeten Malware Attacking macOS And Windows Users To Steal Logins
A sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as “Meetio,” to appear legitimate. By tricking victims into participating in video calls, cybercriminals…
WhatsApp finally fixes View Once flaw that allowed theft of supposedly vanishing pics
And it only took four months, tut WhatsApp has fixed a problem with its View Once feature, designed to protect people’s privacy with automatically disappearing pictures and videos.… This article has been indexed from The Register – Security Read the…
Massive Data Harvesting Operation Exploits AWS Customer Misconfigurations
Independent cybersecurity experts Noam Rotem and Ran Locar have exposed a sophisticated cyber operation targeting vulnerabilities in public websites, leading to unauthorized access to sensitive customer data, infrastructure credentials, and proprietary source code. The researchers collaborated with the AWS Fraud…
Ransomware Disrupts Operations at Leading Heart Surgery Device Maker
Artivion, a prominent manufacturer of heart surgery devices, disclosed a significant ransomware attack that has disrupted its operations. The incident involved the encryption and acquisition of company files, prompting Artivion to take immediate measures to contain the breach. According to…
PowerDMARC One-Click Auto DNS Publishing with Entri
Simplify DNS management with PowerDMARC’s One-Click Auto DNS Publishing powered by Entri. Publish DNS records like DMARC, SPF, DKIM, and more in just one click. The post PowerDMARC One-Click Auto DNS Publishing with Entri appeared first on Security Boulevard. This…
Balancing Security and Convenience With EV Charging
After years of quiet growth, the electric vehicle (EV) market has kicked into high gear, powered by sustainability trends, technology advances and increased consumer enthusiasm. Earlier this year, a team from Cornell created a new lithium battery that can charge…
Authorities Dismantled Hackers Who Stolen Millions Using AirBnB
An international cybercrime network responsible for stealing millions of euros across at least ten European countries has been dismantled in a joint operation by the Rotterdam Police Cybercrime Team and the Belgian police. The sophisticated criminal group employed phishing schemes…
50% of M&A Security Issues are Non-Malicious
More than half of M&A security incidents in 2024 were non-malicious, resulting instead from integration-induced investigation delays, policy and compliance challenges, and issues baselining internal tools, a report from ReliaQuest has revealed. These findings suggest that inherited assets present a…
Brand Impersonations Surge 2000% During Black Friday
Phishing scams impersonating major holiday brands like Walmart, Target, and BestBuy increased by more than 2000% during Black Friday week, new research from Darktrace has revealed. These findings come as part of a wider increase in phishing activity during the…
Mysterious Drone-Like Objects Disrupting Electronics in New Jersey: Is It a New Cyber Threat or Something More?
In recent days, unusual reports have emerged from New Jersey, where large, car-sized flying objects have been spotted, particularly in the countryside. These objects, which have sparked widespread speculation, are believed by some to be drones or potentially UFOs (unidentified…
Cyber Threats in the Form of MS Office Email Attachments: A Growing Danger
In the world of cybersecurity, one of the most common and persistent threats is the exploitation of email attachments, particularly those involving Microsoft Office documents. Cybercriminals have long relied on social engineering tactics to deliver malicious payloads via email attachments,…
U.S. Subsidiary of a Japanese water Treatment Company Hit By Ransomware Attack
Kurita America Inc. (KAI), the North American subsidiary of Tokyo-based Kurita Water Industries Ltd., has confirmed it was the victim of a ransomware attack that compromised multiple servers and potentially leaked sensitive data. The attack was detected on Friday, November 29,…
APT-C-53 Weaponizing LNK Files To Deploy Malware Into Target Systems
Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging malicious LNK and XHTML files…
The Next Frontier: Predictions Driving Tech and Security in 2025
As we unveil the third edition of Information Security Buzz’s 2025 predictions, we are thrilled by the incredible response. In this installment, we dive even deeper into the evolving cybersecurity landscape, where advancements in AI, quantum computing, and cloud technologies…
Preventing data leakage in low-node/no-code environments
Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster agility and innovation, they also introduce significant risks, including data leakage.…
Hackers Can Hijack Your Terminal Via Prompt Injection using LLM-powered Apps
Researchers have uncovered that Large Language Models (LLMs) can generate and manipulate ANSI escape codes, potentially creating new security vulnerabilities in terminal-based applications. ANSI escape sequences are a standardized set of control characters used by terminal emulators to manipulate the appearance and behavior of text displays. They enable…
Strengthening security posture with comprehensive cybersecurity assessments
In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI and automation, and strategies for aligning assessments with organizational needs. The post Strengthening security…