Latest Cybersecurity News and Articles
25 June 2024
Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong are accused of conducting phishing campaigns and supply chain compromises to orchestrate cyberattacks and steal millions of dollars.
25 June 2024
SpyMax does not require the targeted device to be rooted, making it easier for threat actors to cause damage. Once installed, SpyMax gathers personal information from the infected device without user consent and sends it to a remote threat actor.
25 June 2024
P2PInfect, a previously dormant peer-to-peer malware botnet, has recently become active and is now targeting Redis servers. The botnet has introduced new features like cron-based persistence mechanisms and SSH lockout.
25 June 2024
Unlike previous methods, SnailLoad doesn't require a person-in-the-middle attack or hacking the target's Wi-Fi. Instead, it lets a remote attacker infer websites and content viewed by a user without accessing their network traffic directly.
25 June 2024
Multiple WordPress plugins have been found to contain a backdoor that injects malicious code. This code allows attackers to create unauthorized administrator accounts, enabling them to perform malicious actions.
25 June 2024
The Boolka group is responsible for deploying advanced malware and conducting web attacks. They have been exploiting vulnerabilities using SQL injection attacks since 2022, targeting websites in various countries.
25 June 2024
A new command execution technique called "GrimResource" has been discovered that leverages a combination of specially crafted Microsoft Saved Console (MSC) files and an unpatched Windows XSS flaw.
25 June 2024
Threat actors are exploiting a novel attack technique in the wild that leverages specially crafted management saved console (MSC) files to gain full code execution using Microsoft Management Console (MMC) and evade security defenses.
Elastic Security Labs has codenamed the approach GrimResource after identifying an artifact ("sccm-updater.msc") that was uploaded to the VirusTotal malware
25 June 2024
The U.S. Department of Energy has released a new framework of best practices for securing clean energy cyber supply chains, focusing on key technologies used in managing electricity, oil, and natural gas systems.
25 June 2024
Browser security is becoming increasingly popular, as organizations understand the need to protect at the point of risk - the browser. Network and endpoint solutions are limited in their ability to protect from web-borne threats like phishing websites or malicious browser extensions. They also do not protect from internal data exfiltration, like employees pasting sensitive data to ChatGPT. As it
25 June 2024
AI is not new to cybersecurity, but generative AI is causing concern as it impacts organizations. A study found that AI-generated threats have already affected 75% of organizations, yet 60% are not prepared to handle AI-based attacks.
25 June 2024
A previously undocumented threat actor dubbed Boolka has been observed compromising websites with malicious scripts to deliver a modular trojan codenamed BMANAGER.
"The threat actor behind this campaign has been carrying out opportunistic SQL injection attacks against websites in various countries since at least 2022," Group-IB researchers Rustam Mirkasymov and Martijn van den Berk said in a
25 June 2024
The European Union has imposed sanctions on four Russian hackers from the country's domestic intelligence agency, including two military officers. These individuals were involved in "hack and leak" operations against Western governments.
25 June 2024
During an analysis of a malware sample containing StealC and Vidar, it was discovered that attackers were using Steam to hide their C2 location and disguise malicious activity as regular traffic.
25 June 2024
Google has developed a framework known as Project Naptime, which utilizes a large language model (LLM) for vulnerability research. The framework allows an AI agent to simulate the actions and workflow of a human security researcher.
25 June 2024
WikiLeaks founder Julian Assange has been freed in the U.K. and has departed the country after serving more than five years in a maximum security prison at Belmarsh for what was described by the U.S. government as the "largest compromises of classified information in the history" of the country.
Capping off a 14-year legal saga, Assange, 52, pleaded guilty to one criminal count of conspiring to
24 June 2024
Four Vietnamese nationals with ties to the FIN9 cybercrime group have been indicted in the U.S. for their involvement in a series of computer intrusions that caused over $71 million in losses to companies.
The defendants, Ta Van Tai (aka Quynh Hoa and Bich Thuy), Nguyen Viet Quoc (aka Tien Nguyen), Nguyen Trang Xuyen, and Nguyen Van Truong (aka Chung Nguyen), have been accused of conducting
24 June 2024
Multiple WordPress plugins have been backdoored to inject malicious code that makes it possible to create rogue administrator accounts with the aim of performing arbitrary actions.
"The injected malware attempts to create a new administrative user account and then sends those details back to the attacker-controlled server," Wordfence security researcher Chloe Chamberland said in a Monday alert.
24 June 2024
EXECUTIVE SUMMARY: The benefits of AI in cyber security are phenomenal, yet not sufficiently well-known. In this article, get insights that cut through the noise and show you how to put AI to work in ways that will yield worthwhile results. AI-powered cyber security solutions drive proactive threat prevention, accelerated response times, reduced false positives, […]
The post 5 underappreciated benefits of AI in cyber security appeared first on CyberTalk.
24 June 2024
The Shadowserver Foundation, in collaboration with top security agencies and vendors, detected multiple remote command execution attempts by a Mirai-like botnet. It advised Zyxel NAS owners to actively search for signs of compromise.