Tag: CySecurity News – Latest Information Security and Hacking Incidents

A new and highly sophisticated malware strain has emerged, posing a significant threat to millions of Linux servers worldwide. Dubbed “perfctl,” this fileless malware employs advanced evasion techniques and exploits a staggering 20,000 misconfigurations in Linux servers.  Its primary targets…

Read more →

A new wave of cyberattacks is targeting users in France, exploiting fake browser and software update prompts to spread an updated version of the WarmCookie backdoor. The campaign, dubbed “FakeUpdate,” has been linked to the SocGolish threat group, known for…

Read more →

  MoneyGram, a payment provider, claims there is no proof that ransomware was behind a recent incident that caused a five-day outage in September.  MoneyGram is an American payment and money transfer platform that allows customers to send and receive…

Read more →

A recent demonstration by Harvard student AnhPhu Nguyen using Meta Ray-Ban 2 smart glasses has revealed the alarming potential for privacy invasion through advanced AI-powered facial recognition technology. Nguyen’s experiment involved using these $379 smart glasses, equipped with a livestreaming…

Read more →

  In the summer of 2013, cybercriminals gained access to 5% of all Adobe Commerce and Magento stores worldwide. Large international brands have fallen victim to this attack and are among the victims. The CosmicSting attack is being conducted by…

Read more →

  In a shocking incident, SP Oswal, chairman of the Vardhman Group, India, fell victim to a scam that cost him over INR 7 crore. The 82-year-old businessman was tricked into believing he was under investigation for money laundering, with…

Read more →

  Ransomware is a significant threat that can lock users out of their own files until a ransom is paid to recover the data. CBS News recently highlighted the devastating impact of ransomware, focusing on the Scattered Spider group, which…

Read more →

  In response to the recent publication of the Counter Ransomware Initiative (CRI), members of the initiative have provided new guidance to organizations so they can consider other possibilities before paying cyber criminals a ransom. The new guidelines aim to…

Read more →

  Ransomware continues to pose significant issues for businesses and organisations around the world, and with attacks on the rise, the UK and 38 other nations have joined forces with international cyber insurance authorities to create new guidelines aimed at…

Read more →

  As multi-factor authentication (MFA) becomes more common, attackers are increasingly resorting to session hijacking. Evidence from 2023 shows this trend: Microsoft detected 147,000 token replay attacks, marking a 111% increase year-over-year. Google reports that attacks on session cookies now…

Read more →

  A new variant of the Rhadamanthys information stealer malware has been identified, which now poses a further threat to cryptocurrency users by adding AI to seed phrase recognition. The bad guys behind the malware were not enough in themselves,…

Read more →

The Andariel hacking group, a notorious entity linked to North Korea, has recently shifted its focus towards financially motivated attacks on U.S. organizations. This pivot, observed in August 2024, marks a significant change in the group’s operational strategy, raising concerns…

Read more →

  A recent study presented at the 2024 Web Conference has identified a rising cybersecurity risk known as “phantom domains.” These phantom domains result from unregistered or placeholder dot-com links that hackers can hijack, turning them into dangerous attack vectors. …

Read more →

  Using a variety of character types in your passwords and changing them on a regular basis are no longer considered best practices for password management. This is according to new standards published by the United States National Institute of…

Read more →

  DrayTek recently patched 14 vulnerabilities in 24 router models, including a critical buffer overflow flaw that could allow remote code execution (RCE) or denial of service (DoS). The vulnerabilities, identified by Forescout Research’s Vedere Labs and described in their…

Read more →

  During an investigation conducted recently, it was discovered that several malicious packages masquerading as services for recovering cryptocurrency wallets were found in the Python Package Index repository, revealing that they were spying on sensitive personal information and helping to…

Read more →

  A fake crypto wallet draining app on Google Play has stolen USD 70,000 from users, making it the first case where mobile users were specifically targeted by such a scam. The app stayed active for several months before being…

Read more →

  Microsoft has released an update regarding the Recall feature in Windows 11, which has been on hold for some time owing to security and privacy concerns. The document also details when Microsoft intends to move forward with the feature…

Read more →

Necro Trojan, which has recently made headlines for its innovative use of steganography has compromised over 11 million Android devices. This blog delves into the intricacies of this malware, how it works, and its impact on cybersecurity. Understanding the Necro…

Read more →

  One-third of all the Americans’ information has been leaked by a background check company in the United States due to a disturbing data breach report. MC2 Data, which is one of the largest providers of background checks in the…

Read more →