Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. “Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks,” Morphisec researcher…
Tag: EN
US Unveils New National Cyber Incident Response Plan
The draft plan is designed to help businesses understand how the government will support them during a cyber incident This article has been indexed from www.infosecurity-magazine.com Read the original article: US Unveils New National Cyber Incident Response Plan
Beware of Malicious Ads on Captcha Pages that Deliver Password Stealers
Malicious actors have taken cybercrime to new heights by exploiting captcha verification pages, a typically harmless security feature, to launch large-scale malware distribution campaigns. This startling revelation uncovers how these fake captchas, interlaced with malicious advertising, are infecting users with…
Pumakit Rootkit Challenges Linux Security Systems
According to the researchers from the Elastic Security Lab, a new rootkit called PUMAKIT can perform various advanced evasion mechanisms. When Elastic Security researchers discovered PUMAKIT while routinely hunting for threats on VirusTotal, they described it as PUMAKIT. Many…
All Major European Financial Firms Suffer Supplier Breaches
SecurityScorecard claims 100% of Europe’s top financial services companies have suffered a supply chain breach in the past year This article has been indexed from www.infosecurity-magazine.com Read the original article: All Major European Financial Firms Suffer Supplier Breaches
Bitcoin Hits New High Over $107,000 On Trump Comments
Bitcoin surges more than 5 percent after Trump reaffirms plans for national strategic crypto reserve, as optimism grows This article has been indexed from Silicon UK Read the original article: Bitcoin Hits New High Over $107,000 On Trump Comments
China Chip Investment Plummets Amidst US Restrictions
Investment in China’s semiconductor industry falls by one-third this year as US tightens restrictions, state funding now dominates This article has been indexed from Silicon UK Read the original article: China Chip Investment Plummets Amidst US Restrictions
U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference (CVE-2024-35250) and…
Kali Linux 2024.4 released! 14 new shiny tools added
Kali Linux 2024.4 includes a broad set of updates and changes. The summary of the changelog since the 2024.3 release from September: Python 3.12 – New default Python version (Au revoir pip, hello pipx). The end of the i386 kernel…
Arctic Wolf acquires BlackBerry’s Cylance endpoint security assets
Arctic Wolf and BlackBerry announced they have entered into a definitive agreement for Arctic Wolf to acquire BlackBerry’s Cylance endpoint security assets. Cylance is the pioneer of AI-based endpoint protection trusted by thousands of organizations around the world. With this…
Ofcom Gives Tech Firms Three Months To Implement Content Controls
Ofcom publishes codes of practice for tech platforms to comply with Online Safety Act, with measures coming into effect on 17 March This article has been indexed from Silicon UK Read the original article: Ofcom Gives Tech Firms Three Months…
Download a banker to track your parcel
The Mamont banking trojan is spreading under the guise of a parcel-tracking app for fake stores claiming to offer goods at wholesale prices. This article has been indexed from Securelist Read the original article: Download a banker to track your…
Serbian authorities use spyware, Ransomware impacts Rhode Island, ConnectOnCall breach
Serbian authorities accused of using Cellebrite to spy on journalists Ransomware attack shuts down Rhode Island’s public assistance system ConnectOnCall breach exposes close to a million patients Thanks to today’s episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks…
Python Delivering AnyDesk Client as RAT, (Tue, Dec 17th)
RATs or “Remote Access Tools†are very popular these days. From an attacker's point of view, it's a great way to search and exfiltrate interesting data but also to pivot internally in the network. Besides malicious RATs, they are legit…
ConnectOnCall Data Breach, 900,000 Customers Data Exposed
The healthcare communication platform ConnectOnCall, operated by ConnectOnCall.com, LLC, has confirmed a significant data breach that compromised the personal information of 900,000 patients and healthcare providers. The platform, designed to streamline after-hours communications between patients and healthcare providers, discovered the…
Hitachi Authentication Bypass Vulnerability Allows Attackers to Hack the System Remotely
Critical Authentication Bypass Vulnerability Identified in Hitachi Infrastructure Analytics Advisor and Ops Center Analyzer. A severe vulnerability has been discovered in Hitachi’s Infrastructure Analytics Advisor and Ops Center Analyzer, posing a significant security risk to users of these products. The…
CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below – CVE-2024-20767 (CVSS score: 7.4)…
The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. “The Mask APT is a legendary threat actor that has…
CISA Warns of Adobe & Windows Kernel Driver Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert, adding two significant vulnerabilities to its Known Exploited Vulnerabilities Catalog. These vulnerabilities, actively exploited by malicious actors, underscore the growing risks facing organizations. Adobe ColdFusion Access Control Weakness…
Kali Linux 2024.4 Released – What’s New!
Kali Linux has unveiled its final release for 2024, version Kali Linux 2024.4, packed with notable updates, including new tools and enhancements. This highly anticipated update caters to the needs of security professionals, ethical hackers, and tech enthusiasts with a…