As part of an ongoing analysis of ransomware-as-a-service operations, a new operation known as VanHelsing has been identified. This operation demonstrates a sophisticated multi-platform capability, posing a significant cybersecurity threat. This new strain of ransomware is designed to be…
Connor Moucka Extradited to U.S. for Snowflake Data Breaches Targeting 165 Companies
Connor Moucka, a Canadian citizen accused of orchestrating large-scale data breaches affecting 165 companies using Snowflake’s cloud storage services, has agreed to be extradited to the United States to face multiple federal charges. The breaches, which targeted high-profile companies…
New innovations in Microsoft Purview for protected, AI-ready data
Microsoft Purview delivers a comprehensive set of solutions that help customers seamlessly secure and confidently activate data in the era of AI. The post New innovations in Microsoft Purview for protected, AI-ready data appeared first on Microsoft Security Blog. This…
New Malware Variant RESURGE Exploits Ivanti Vulnerability
CISA recommends immediate action to address malware variant RESURGE exploiting Ivanti vulnerability CVE-2025-0282 This article has been indexed from www.infosecurity-magazine.com Read the original article: New Malware Variant RESURGE Exploits Ivanti Vulnerability
AWS WAF Classic vs WAFV2: Features and Migration Considerations
Amazon Web Services Web Application Firewall (AWS WAF) protects web programs against widespread vulnerabilities including SQL injection and cross-scriptability. Amazon Web Services WAFV2, a new WAF Classic service, introduces with it increased agility, elasticity, and operational efficiency. In this article,…
New Ubuntu Security Bypasses Allow Attackers to Exploit Kernel Vulnerabilities
Three critical bypasses in Ubuntu Linux’s unprivileged user namespace restrictions allow local attackers to escalate privileges and exploit kernel vulnerabilities. These bypasses affect Ubuntu 23.10 and 24.04 LTS systems, where AppArmor-based protections were introduced to limit namespace misuse. While not…
Multiple Dell Unity Vulnerabilities Let Attackers Compromise Affected System
Dell Technologies has released a critical security update addressing multiple severe vulnerabilities in its Unity enterprise storage systems that could allow attackers to execute arbitrary commands as root, delete critical system files, and perform other malicious activities without authentication. Security…
CrushFTP Vulnerability Exploited to Gain Full Server Access
A critical vulnerability (CVE-2025-2825) in CrushFTP, a widely used enterprise file transfer solution, allows attackers to bypass authentication and gain unauthorized server access. The vulnerability, which affects versions 10.0.0 through 10.8.3 and 11.0.0 through 11.3.0, received a CVSS score of…
Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory
Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. The post Threat Actors Deploy WordPress Malware in ‘mu-plugins’ Directory appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Online Scams in the Age of AI
The question is no longer whether AI-driven scams will target your business, but how prepared you are to counter them. The post Online Scams in the Age of AI appeared first on Security Boulevard. This article has been indexed from…
How Will the Splinternet Impact Cybersecurity
Most people think of the internet as a globally connected resource. However, user experiences are not necessarily as consistent as they believe. Factors such as politics, regulations and censorship have… The post How Will the Splinternet Impact Cybersecurity appeared first…
ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers
New “ClickFake Interview” campaign attributed to the Lazarus Group targets crypto professionals with fake job offers This article has been indexed from www.infosecurity-magazine.com Read the original article: ClickFake Interview Campaign by Lazarus Targets Crypto Job Seekers
CoffeeLoader uses a GPU-based packer to evade detection
CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions, Zscaler ThreatLabz warns. Zscaler ThreatLabz discovered CoffeeLoader, a malware family active since September 2024, that uses multiple techniques to evade endpoint security while downloading second-stage payloads. The…
Russia-linked Gamaredon targets Ukraine with Remcos RAT
Russia-linked Gamaredon targets Ukraine with a phishing campaign using troop-related lures to deploy the Remcos RAT via PowerShell downloader. Talos researchers warn that Russia-linked APT group Gamaredon (a.k.a. Armageddon, Primitive Bear, ACTINIUM, Callisto) targets Ukraine with a phishing campaign. The cyberespionage…
Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program
A strong security program will sometimes require substantial organizational and cultural changes around security practices, and inevitably, a higher cost. The post Zero to Hero – A “Measured” Approach to Building a World-Class Offensive Security Program appeared first on SecurityWeek.…
Windows 11 Insider Released – Microsoft Removes BypassNRO.cmd Script to Enhance Security
Microsoft has launched Windows 11 Insider Preview Build 26200.5516 to the Dev Channel with exciting new updates, including innovative features and a key security enhancement. Among the major changes is the removal of the widely known BypassNRO.cmd script, a move aimed at bolstering…
9 Best DDoS Protection Service Providers in 2025
DDoS protection service providers can detect the early stages of an attack. Compare best DDoS vendors for your network’s needs. The post 9 Best DDoS Protection Service Providers in 2025 appeared first on eSecurity Planet. This article has been indexed…
ClickFake Interview – Lazarus Hackers Exploit Windows and macOS Users Fake Job Campaign
The Lazarus Group, a North Korean state-sponsored hacking collective, has launched a new campaign dubbed ClickFake Interview, targeting job seekers in the cryptocurrency industry. This malicious operation uses fake job interview websites to deploy a Go-based backdoor, known as GolangGhost,…
Earth Alux Hackers Employ VARGIET Malware to Attack Organizations
The cybersecurity landscape has been disrupted by Earth Alux, a China-linked advanced persistent threat (APT) group actively conducting espionage operations since the second quarter of 2023. Initially targeting the Asia-Pacific region, the group expanded its operations to Latin America by…
Hewlett Packard RCE Vulnerability Allows Attackers to Bypass Authentication and Execute Remote Commands
A critical unauthenticated remote code execution vulnerability (CVE-2024-13804) has been discovered in HPE Insight Cluster Management Utility (CMU) v8.2, enabling attackers to bypass authentication mechanisms and execute commands with root privileges on the backend server. This high-severity vulnerability affects a…
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces…
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
Threat actors are using the “mu-plugins” directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site visitors to bogus sites. mu-plugins, short for must-use plugins, refers to plugins in a special…
IT Security News Hourly Summary 2025-03-31 15h : 5 posts
5 posts were published in the last hour 12:33 : Nach Crowdstrike-Fiasko: Microsoft will Bootfehler künftig aus der Ferne fixen 12:32 : Apache Camel Exploit Attempt by Vulnerability Scan (CVE-2025-27636, CVE-2025-29891), (Mon, Mar 31st) 12:32 : The Role of DevSecOps…
Sicher ist sicher
Die Sicherheitsbranche steht vor großen Veränderungen. Erfahren Sie in der neuesten PROTECTOR-Ausgabe mehr über die Chancen und Risiken, die der Wandel mit sich bringt. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Sicher ist sicher