Latest Cybersecurity News and Articles


Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

26 September 2024
As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection detected as far back as December 2022. The

Critical Vulnerability in pgAdmin Puts User Data at Risk

26 September 2024
This flaw, identified as CVE-2024-9014 and carrying a CVSS score of 9.9, could enable attackers to compromise user data through the OAuth2 authentication mechanism.

RecordStealer: A Case Study in the Persistent Threat of Info-Stealing Malware

26 September 2024
RecordStealer, also known as RecordBreaker and Raccoon Stealer V2, is a persistent threat that steals sensitive information like credit card data, passwords, and cryptocurrency wallets.

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

26 September 2024
The flaw affects ASF version 3.52.0.2574 and earlier, with potential for exploitation in various IoT devices. No fixes are available, except for replacing the vulnerable tinydhcp service.

Critical Vulnerabilities Found in Proroute H685t-w 4G Router

26 September 2024
Two critical vulnerabilities have been discovered in Proroute H685t-w 4G routers: a command injection flaw (CVE-2024-45682) allowing complete system takeover and a cross-site scripting vulnerability (CVE-2024-38380) enabling account hijacking.

Cracked Software or Cyber Trap? The Rising Danger of AsyncRAT Malware

26 September 2024
McAfee Labs warned of the spread of AsyncRAT through popular software cracks. Cybercriminals are disguising this malware as cracked versions of well-known software, tricking users into unknowingly installing a sophisticated remote access trojan.

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

26 September 2024
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. "Between late 2022 to present, SloppyLemming

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

26 September 2024
Nation-state threat actors backed by Beijing broke into a "handful" of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow and GhostEmperor. "Investigators

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

25 September 2024
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory safety vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the overall security risk of a codebase, but also makes the switch

Timeshare Owner? The Mexican Drug Cartels Want You

25 September 2024
The FBI is warning timeshare owners to be wary of a prevalent telemarketing scam involving a violent Mexican drug cartel that tries to trick elderly people into believing someone wants to buy their property. This is the story of a couple who recently lost more than $50,000 to an ongoing timeshare scam that spans at least two dozen phony escrow, title and realty firms.

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

25 September 2024
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said

75% of organizations say phishing poses the greatest AI risk

25 September 2024
Chief Information Security Officer (CISO) concerns over artificial intelligence (AI) were analyzed in a recent report by Team8.

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

25 September 2024
Cybersecurity researchers have flagged the discovery of a new post-exploitation red team tool called Splinter in the wild. Palo Alto Networks Unit 42 shared its findings after it discovered the program on several customers' systems. "It has a standard set of features commonly found in penetration testing tools and its developer created it using the Rust programming language," Unit 42's Dominik

Expert Tips on How to Spot a Phishing Link

25 September 2024
Phishing attacks are becoming more advanced and harder to detect, but there are still telltale signs that can help you spot them before it's too late. See these key indicators that security experts use to identify phishing links: 1. Check Suspicious URLs: Phishing URLs are often long, confusing, or filled with random characters. Attackers use these to disguise the link's true destination

Agentic AI in SOCs: A Solution to SOAR's Unfulfilled Promises

25 September 2024
Security Orchestration, Automation, and Response (SOAR) was introduced with the promise of revolutionizing Security Operations Centers (SOCs) through automation, reducing manual workloads and enhancing efficiency. However, despite three generations of technology and 10 years of advancements, SOAR hasn’t fully delivered on its potential, leaving SOCs still grappling with many of the same

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

25 September 2024
A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence (AI) tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of any information the user typed or responses received by ChatGPT, including any future chat sessions

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

25 September 2024
Transportation and logistics companies in North America are the target of a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The activity cluster, per Proofpoint, makes use of compromised legitimate email accounts belonging to transportation and shipping companies so as to inject malicious content into existing email conversations. As many

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

25 September 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 (CVSS score: 9.8), which could be exploited by a remote unauthenticated attacker to bypass the

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

24 September 2024
Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They include - Wuta Camera - Nice Shot Always (com.benqu.wuta) - 10+ million

U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

24 September 2024
The U.S. Department of Commerce (DoC) said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People's Republic of China (PRC) and Russia. "The proposed rule focuses on hardware and software integrated into the Vehicle Connectivity System (VCS) and software integrated into the Automated