Latest Cybersecurity News and Articles
08 July 2024
The malware has evolved into multiple versions, with GootLoader 3 being the latest one in use. Despite updates to the payload, the infection strategies have remained consistent since its resurgence in 2020.
08 July 2024
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors.
The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below -
CVE-2024-39930 (CVSS
08 July 2024
Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported.
This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It's worth noting that NordVPN previously shut
06 July 2024
The vulnerability could be exploited to compromise systems without requiring user interaction, contrary to some severity assessments initially made by Tenable and Red Hat.
06 July 2024
Eldorado also encrypts network shares using the SMB protocol, deletes shadow volume copies, and skips certain file types to prevent system damage. Affiliates can customize attacks on Windows, while Linux customization is limited.
06 July 2024
Traeger grills face security bugs that could spell trouble for BBQ enthusiasts. High-severity vulnerabilities in the Traeger Grill D2 Wi-Fi Controller could allow remote attackers to control the grill's temperature or shut it down.
06 July 2024
Online accounts are increasingly protected by passkey technology, but many platforms like banking, e-commerce, social media, and software development can still be compromised using adversary-in-the-middle (AitM) attacks.
05 July 2024
Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials.
The stakes are high: ransomware attacks, lateral movement, and devastating data breaches.
Don't be caught off guard. Join us for a groundbreaking webinar that will change the way you approach cybersecurity.
05 July 2024
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps).
This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020.
The 840 Mpps DDoS attack is said to have been a combination of a TCP
05 July 2024
The researchers at QiAnXin XLab team discovered a new Golang-based botnet called Zergeca, capable of conducting DDoS attacks. It was detected through a suspicious ELF file and has been used to launch DDoS attacks in Canada, the U.S., and Germany.
05 July 2024
The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you’ve clicked on this article, there’s a good chance you’re looking for solutions to manage this risk.
In 2022, a new framework was coined by Gartner
05 July 2024
The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails.
05 July 2024
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts.
"Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week.
"While some of the particulars of GootLoader payloads have
05 July 2024
A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users' financial data. The app has already been downloaded thousands of times.
05 July 2024
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack
05 July 2024
A new report details 3 sophisticated nation-state campaigns, and security leaders share their insights.
04 July 2024
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks.
Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers ("ootheca[.]pw" and "ootheca[.]top").
"Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six
04 July 2024
ANSSI warned about a hacking group linked to Russia's SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion
04 July 2024
Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.
04 July 2024
Canonical has released Ubuntu security updates to address bugs in Ghostscript, a tool used for interpreting PostScript and PDF files. These vulnerabilities could potentially allow attackers to bypass security restrictions or execute malicious code.