Latest Cybersecurity News and Articles
01 October 2024
With enhancements like reduced data transmissions, dynamic code loading, and push notification blocking, Octo2 poses a significant threat to Android users and underscores the continued development of mobile malware.
01 October 2024
The flaw allows attackers to execute code remotely by injecting a malicious PHP object due to improper handling of input during deserialization. This flaw is similar to CVE-2024-5932 but bypasses certain checks, making it even more dangerous.
01 October 2024
Rhadamanthys, an advanced information stealer, has introduced innovative AI capabilities in version 0.7.0, allowing it to extract cryptocurrency seed phrases from images using optical character recognition (OCR).
01 October 2024
Security researcher Zach Hanley from Horizon3.ai discovered hardcoded credentials in the software, allowing unauthenticated access to sensitive IT support data, like password resets and shared service account credentials.
01 October 2024
The group’s persistence is ensured by creating scheduled tasks and employing encryption methods like SHA256 hashing and the Salsa20 algorithm to transmit sensitive data to a command and control server named iceandfire[.]xyz.
01 October 2024
Fake ads are spreading Lumma Stealer malware, targeting fans of the League of Legends World Championship. Cybercriminals are capitalizing on the event hype to trick unsuspecting gamers into downloading a malicious game version.
01 October 2024
This malware, known as "PdiddySploit," poses serious security threats to individuals and organizations. The attackers are luring the public with promises of revealing deleted X posts related to Combs on social media platforms.
01 October 2024
Researcher Simone Margaritelli has uncovered a critical vulnerability that has been present in GNU/Linux systems for over a decade, scoring a 9.9 out of 10 for severity. This flaw allows attackers to gain complete control of vulnerable devices.
01 October 2024
Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details.
01 October 2024
The DragonForce group utilizes dual ransomware variants, including one based on LockBit 3.0 and another on ContiV3, to target industries like manufacturing, real estate, and transportation.
01 October 2024
Researchers disclosed a critical privilege escalation vulnerability, CVE-2024-26808, in the Linux kernel affecting versions from v5.9 to v6.6. The flaw is in the Netfilter component, allowing root access by manipulating memory allocation.
01 October 2024
A critical XSS flaw (CVE-2024-47186) has been found in Filament, a popular Laravel development tool. The vulnerability affects versions 3.0.0 to 3.2.114, putting at risk applications that render unvalidated ColorColumn or ColorEntry values.
01 October 2024
Key vulnerabilities include log manipulation in PHP-FPM (CVE-2024-9026), bypassing redirect configurations (CVE-2024-8927), CGI parameter injection vulnerability (CVE-2024-8926), and erroneous parsing of multipart form data (CVE-2024-8925).
01 October 2024
More than 140,000 phishing websites have been found linked to a phishing-as-a-service (PhaaS) platform named Sniper Dz over the past year, indicating that it's being used by a large number of cybercriminals to conduct credential theft.
"For prospective phishers, Sniper Dz offers an online admin panel with a catalog of phishing pages," Palo Alto Networks Unit 42 researchers Shehroze Farooqi,
01 October 2024
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the threat actor.
This enabled the attackers to "use Docker Swarm's orchestration features for command-and-control (C2) purposes," Datadog researchers Matt Muir and Andy Giron said in an analysis.
The attacks
01 October 2024
During National Cybersecurity Awareness Month, cybersecurity experts are reflecting on prominent threats and how they can be mitigated.
30 September 2024
The U.S. Department of Justice (DoJ) has charged a 39-year-old U.K. national for perpetrating a hack-to-trade fraud scheme that netted him nearly $3.75 million in illegal profits.
Robert Westbrook of London was arrested last week and is expected to be extradited to the U.S. to face charges related to securities fraud, wire fraud, and five counts of computer fraud.
According to the court
30 September 2024
A California man accused of failing to pay taxes on tens of millions of dollars allegedly earned from cybercrime also paid local police officers hundreds of thousands of dollars to help him extort, intimidate and silence rivals and former business partners, a new indictment charges. KrebsOnSecurity has learned that many of the man's alleged targets were members of UGNazi, a hacker group behind multiple high-profile breaches and cyberattacks back in 2012.
30 September 2024
Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android.
But it wasn't all good news – Kaspersky's forced exit from the US market left users with more
30 September 2024
A study found that Meta (Facebook, Instagram and Facebook Messenger), YouTube and Discord keep users’ data for 180 days after they have deleted their accounts.