A suspected Iranian espionage campaign impersonated a model agency site for data collection, including fictitious models as possible social engineering lures. The post Iranian Cyber Actors Impersonate Model Agency in Suspected Espionage Operation appeared first on Unit 42. This article…
DragonForce: Emerging Hybrid Cyber Threat in the 2025 Ransomware Landscape
DragonForce has swiftly risen as a formidable player in 2025, embodying a hybrid threat that blends ideological ambiguity with ruthless opportunism. First identified in December 2023 with the debut of its “DragonLeaks” dark web portal, DragonForce may trace its origins…
Lampion Banking Malware Uses ClickFix Lures to Steal Banking Credentials
Unit 42 researchers at Palo Alto Networks, a highly targeted malicious campaign orchestrated by the threat actors behind the Lampion banking malware has been uncovered. Active since at least 2019, Lampion is an infostealer notorious for extracting sensitive banking information.…
Researchers Simulate DPRK’s Largest Cryptocurrency Heist Through Compromised macOS Developer and AWS Pivoting
Security researchers at Elastic have recreated the intricate details of the February 21, 2025, ByBit cryptocurrency heist, where approximately 400,000 ETH-valued at over a billion dollars-was stolen. Attributed to North Korea’s elite cyber unit, TraderTraitor, this attack exploited a trusted…
State of ransomware in 2025
Kaspersky researchers review ransomware trends for 2024, analyze the most active groups and forecast how this threat will evolve in 2025. This article has been indexed from Securelist Read the original article: State of ransomware in 2025
UK Cyber Insurance Claims Second Highest on Record
Marsh says ransomware drove cyber insurance claims to second highest on record in 2024 This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Cyber Insurance Claims Second Highest on Record
UK Government Warns Retail Attacks Must Serve as a “Wake-up Call”
UK government minister Pat McFadden said during CYBERUK that the incidents affecting M&S, Co-op and Harrods show that cybersecurity is a necessity This article has been indexed from www.infosecurity-magazine.com Read the original article: UK Government Warns Retail Attacks Must Serve…
Untersuchung zeigt: So schnell knackt aktuelle Hardware Passwörter
Wie schnell sich ein Passwort per Brute Force knacken lässt, hängt von mehreren Faktoren ab. Forscher haben mit aktuellen Nvidia-GPUs den Test gemacht. (Passwort, Grafikkarten) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Untersuchung zeigt:…
[UPDATE] [mittel] Linux-Kernel: Mehrere Schwachstellen ermöglichen Denial of Service und unspezifische Angriffe
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen und einen nicht spezifizierten Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel]…
Mirai Botnet Actively Targeting GeoVision IoT Devices for Command Injection Exploits
The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices. The vulnerabilities, tracked as CVE-2024-6047 and CVE-2024-11120, were initially disclosed in June and November 2024, respectively,…
NSO Group must pay WhatsApp over $167M in damages for attacks on its users
NSO Group must pay WhatsApp over $167M in damages for a 2019 hack targeting 1,400+ users, per U.S. jury ruling after a five-year legal battle. A U.S. jury ordered NSO Group to pay WhatsApp over $167M for using Pegasus spyware…
Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day
At least two ransomware groups exploited the Windows zero-day CVE-2025-29824 before it was patched by Microsoft. The post Second Ransomware Group Caught Exploiting Windows Flaw as Zero-Day appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE-2025-27363 is an out of bounds write vulnerability in FreeType, an open-source software library that…
Staatstrojaner: Meta erhält 167 Millionen US-Dollar für Spyware-Angriffe
Die NSO Group muss mehr als 167 Millionen US-Dollar an Meta zahlen, weil sie über 1.400 Whatsapp-Nutzer mit der Pegasus-Spyware attackiert hat. (Rechtsstreitigkeiten, Sicherheitslücke) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Staatstrojaner: Meta erhält…
The Beekeeper 2: Amazon MGM Studios kauft Weltrechte an The Beekeeper 2
Der erste Teil war ein Kinohit, der zweite könnte es auch werden – oder auch gleich bei Amazon Prime Video laufen. (Filme & Serien, Amazon) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: The Beekeeper…
Bundesdigitalminister: Wildberger übernimmt Kompetenzen aus sechs Ministerien
Das neue Digitalministerium erhält mehr Kompetenzen als gedacht. Raumfahrtministerin Bär ist künftig auch für Games zuständig. (Bundesregierung, Vorratsdatenspeicherung) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Bundesdigitalminister: Wildberger übernimmt Kompetenzen aus sechs Ministerien
Second OttoKit Vulnerability Exploited to Hack WordPress Sites
Threat actors are targeting a critical-severity vulnerability in the OttoKit WordPress plugin to gain administrative privileges. The post Second OttoKit Vulnerability Exploited to Hack WordPress Sites appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original…
Talent Shortages Bite as 80% of UK Firms Hit with AI Threats
Half of UK firms have over 10 cyber positions unfilled, according to Cisco This article has been indexed from www.infosecurity-magazine.com Read the original article: Talent Shortages Bite as 80% of UK Firms Hit with AI Threats
Jetzt patchen! Warnung vor Schadecode-Attacken auf FreeType und Langflow
Die US-Sicherheitsbehörde CISA warnt vor Angriffen auf die Programmbibliothek FreeType und das KI-Tool Langflow. Dieser Artikel wurde indexiert von heise security News Lesen Sie den originalen Artikel: Jetzt patchen! Warnung vor Schadecode-Attacken auf FreeType und Langflow
[NEU] [mittel] Liferay Liferay DXP: Schwachstelle ermöglicht Cross-Site Scripting
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Liferay Liferay DXP und Liferay Liferay Portal ausnutzen, um einen Cross-Site Scripting Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel:…
Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
During our monitoring of Agenda ransomware activities, we uncovered campaigns that made use of the SmokeLoader malware and a new loader we’ve named NETXLOADER. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…
IBM Cognos Analytics Security Vulnerability Allowed Unauthorized File Uploads
IBM has issued a security bulletin addressing two newly discovered, high-severity vulnerabilities in its Cognos Analytics platform. These flaws, tracked as CVE-2024-40695 (Malicious File Upload) and CVE-2024-51466 (Expression Language Injection), potentially expose enterprise systems to unauthorized file uploads and the risk of sensitive data…
Chrome Security Patch Addresses WebAudio Vulnerability Allowing Code Execution
Google has released a critical security update for Chrome, addressing a vulnerability that could allow attackers to execute malicious code through the browser’s WebAudio component. According to an announcement published on Tuesday, May 6, 2025, the stable channel has been…
Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities
The cybersecurity landscape has once again been disrupted by the resurgence of the notorious Mirai botnet, which has been actively exploiting command injection vulnerabilities in discontinued GeoVision Internet of Things (IoT) devices. This latest campaign leverages two critical vulnerabilities-CVE-2024-6047 and…