Researchers from Proofpoint have uncovered a sophisticated cyberattack campaign leveraging Google Sheets as a command and control (C2) platform. Dubbed “Voldemort” by the researchers, this campaign targets Windows users globally, employing a novel attack chain that combines both common and…
Tag: EN
Manufacturing Sector Under Fire From Microsoft Credential Thieves
The spear-phishing emails impersonate reputable companies like Periscope Holdings and R.S. Hughes, prompting victims to surrender their Microsoft credentials by clicking on a file attachment. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Integrity360 Expands to South Africa with Grove Acquisition
Grove Group, a cybersecurity and cloud services company based in Cape Town, brings around 600 customers across 51 countries to Integrity360. This acquisition will also enhance Integrity360’s security operations center (SOC) business. This article has been indexed from Cyware News…
Year-Long Malware Campaign Exploits NPM to Attack Roblox Developers
A year-long malware campaign targets Roblox developers using fake NPM packages mimicking “noblox.js” to steal data. Despite takedowns,… This article has been indexed from Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News Read the original article: Year-Long Malware Campaign…
South Korea-linked group APT-C-60 exploited a WPS Office zero-day
South Korea-linked group APT-C-60 exploited a zero-day in the Windows version of WPS Office to target East Asian countries. South Korea-linked group APT-C-60 exploited a zero-day, tracked as CVE-2024-7262, in the Windows version of WPS Office to deploy the SpyGlace…
The NIS2 Directive: How Far Does it Reach?
Key aspects of the NIS2 Directive include a focus on proactive cybersecurity measures for entities within its scope, such as risk analysis, incident handling, and supply chain security. This article has been indexed from Cyware News – Latest Cyber News…
Fortra Patches Critical Vulnerability in FileCatalyst Workflow
Fortra limits access to FileCatalyst Workflow database after vendor knowledgebase article leaks default credentials. The post Fortra Patches Critical Vulnerability in FileCatalyst Workflow appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original article:…
INE Security Named 2024 SC Awards Finalist
Cary, North Carolina, 30th August 2024, CyberNewsWire The post INE Security Named 2024 SC Awards Finalist appeared first on Cybersecurity Insiders. This article has been indexed from Cybersecurity Insiders Read the original article: INE Security Named 2024 SC Awards Finalist
Cybersecurity Insurance: Signals Maturity to Partners, Improved Security Response
A newly released report, Forrester’s The State of Cyber, 2024 finds about 83% of organizations currently maintain cybersecurity insurance, and such policyholders tend to possess improved ability to detect and respond to attacks. The post Cybersecurity Insurance: Signals Maturity to…
Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future’s Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie,…
Malware Masquerading as Palo Alto GlobalProtect Tool Targets Middle East Users
Users in the Middle East are being targeted by sophisticated threat actors deploying malware disguised as the Palo Alto GlobalProtect tool, Trend Micro has revealed. The malware employs a two-stage infection process, leveraging advanced command-and-control (C&C) infrastructure to evade detection…
FBI: RansomHub Hits Over 200 Entities Since Feb
RansomHub, previously known as Cyclops and Knight, has quickly gained traction, targeting over 210 victims across US critical infrastructure sectors. This ransomware-as-a-service (RaaS) model has been active since February 2024. These include water and wastewater, information technology, government services and…
Top Cost-Effective Cybersecurity Strategies for SMBs
Safeguarding your small or medium-sized business against escalating cyber threats is essential, yet the steep costs of sophisticated security measures can be daunting. This guide delves into smart, budget-friendly cybersecurity tactics designed to fortify your business without draining your finances.…
Philippines: Intel Fusion Center Eyed to Boost Cybersecurity
The Department of Information and Communications Technology (DICT) is focusing on enhancing cybersecurity in the Philippines through the National CyberSecurity Plan (NCSP) 2023-2028. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Philippines:…
California Passes Landmark Bill Requiring Easier Data Sharing Opt-Outs for Consumers
California has passed a landmark bill that requires internet browsers and mobile operating systems to make it easier for consumers to opt out of sharing their private data with websites for targeted advertising. This article has been indexed from Cyware…
PoorTry Windows Driver Deletes Crucial Files to Impairs Windows Computers
The PoorTry Windows driver, originally used to disable EDR solutions, has now evolved into an EDR wiper, deleting crucial files to make system restoration harder. Sophos has confirmed actual EDR wiping attacks in the wild. This article has been indexed…
Veeam Widens Beam to MongoDB, Nutanix & Proxmox VE
Veeam has shown evidence of its capabilities to provide backup, recovery and cybersecurity across an increasing number of heavyweight cloud platforms, databases and service layers including MongoDB and Nutanix. The post Veeam Widens Beam to MongoDB, Nutanix & Proxmox VE…
New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. “The malware can execute remote PowerShell commands, download and exfiltrate…
Unpatchable Zero-Day in Surveillance Cameras is Being Exploited to Install Mirai
The vulnerability, known as CVE-2024-7029, allows attackers to remotely execute commands on the compromised device. The targeted device is the AVM1203 surveillance camera from AVTECH. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Cisco Bolsters AI Security by Buying Robust Intelligence
Cisco is strengthening its AI security by acquiring Robust Intelligence, a startup led by a former Harvard professor. This acquisition emphasizes the importance of AI security in modern IT infrastructure. This article has been indexed from Cyware News – Latest…