Latest Cybersecurity News and Articles


Linux Malware ‘Migo’ Targets Redis for Cryptojacking Attacks

23 February 2024
Researchers spotted a new Migo malware targeting Redis servers to mine cryptocurrency and utilizing system-weakening commands to disable security features. Migo is distributed as a Golang ELF binary, with compile-time obfuscation and the ability to persist on Linux hosts. Organizations are expected to expedite their threat-hunting and investigation processes by leveraging IOCs associated with the malware.

Update: Plant Production Still on Hold for German Battery Manufacturer After Cyberattack

23 February 2024
The company has informed customers of potential email loss and is working with experts to investigate the cyberattack, which was carried out by an organized group of hackers.

Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability

23 February 2024
Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and 

FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data

22 February 2024
The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was

Year-over-year, the median initial ransom has risen by 20%

22 February 2024
A recent report reveals an increase in initial ransom demand amounts. Furthermore, vulnerabilities detected in 2022 are continuing to be exploited. 

Multiple FreeImage Vulnerabilities Fixed in Ubuntu

22 February 2024
On 16th January 2024, the Ubuntu security team released critical security updates addressing several FreeImage vulnerabilities in different Ubuntu releases, including Ubuntu 16.04 and Ubuntu 18.04.

Russian Consular Software Installer Backdoored to Deploy Konni RAT

22 February 2024
This activity is linked to actors from North Korea targeting Russia. The trojan is being distributed through backdoored software installers and is capable of file transfers and command execution.

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

22 February 2024
Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach

New Open-Source Self-Modifying Worm Tool SSH-Snake Threatens Networks

22 February 2024
The worm autonomously searches for SSH credentials, modifies itself to remain fileless, and uses a variety of methods to collect private keys, making it difficult to detect statically.

Hack at Healthcare Services Firm Hits 2.4 Million Eye Doctor Patients

22 February 2024
The breach affected nearly 2.4 million patients and compromised sensitive information such as names, contact details, medical records, and in some cases, Social Security numbers and insurance information.

Resilience Acquires Incident Response Provider BreachQuest

22 February 2024
Resilience, a cyber insurance startup, has acquired BreachQuest, a cybersecurity company specializing in incident response solutions, to enhance its cyber risk management software and incident management solution.

Report finds blocklists are still effective in mitigating attacks

22 February 2024
Web application attacks were analyzed in a recent report by Edgio. The report found that the most prevalent attack mitigated was path traversal. 

NCA Exposes Nearly 200 LockBit Affiliates, Data Theft Malware

22 February 2024
The UK's National Crime Agency (NCA) has gained control of LockBit's site and has exposed the identities of the affiliates, disrupted the affiliate infrastructure, and destroyed the servers used for data exfiltration.

1Password Expands Its Endpoint Security Offerings With Kolide Acquisition

22 February 2024
1Password, a password management software developer, has acquired Kolide, an endpoint security platform, for an undisclosed amount. Kolide's device security and contextual access management solution will be integrated into 1Password's offerings.

'Lucifer' Botnet Turns Up the Heat on Apache Hadoop Servers

22 February 2024
The botnet's campaign has evolved through three distinct phases, testing new infection routines and defense evasion techniques before potentially launching a broader attack.

New Leak Shows Business Side of China’s APT Menace

22 February 2024
A new data leak that appears to have come from one of China's top private cybersecurity firms provides a rare glimpse into the commercial side of China's many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation's burgeoning and highly competitive cybersecurity industry.

Cryptocurrency Exchange FixedFloat Hacked to Siphon Off $26 Million in BTC, ETH

22 February 2024
FixedFloat, a non-KYC crypto exchange, was hacked for $26 million worth of Bitcoin and Ethereum due to vulnerabilities and insufficient security measures, leading to frozen transactions and missing funds.

Breach at Aussie Telecom Tangerine Affects 232,000 Customers

22 February 2024
The company confirmed that no credit/debit card numbers were compromised and assured that customer accounts are protected by multifactor authentication, ensuring security from unauthorized access.

Trust in biometric data is declining among consumers

22 February 2024
Confidence in biometric technology and the security of organizations that store biometric data is declining, according to a new report. 

US Health Tech Giant Change Healthcare Hit by Cyberattack

22 February 2024
The incident disrupted patient payments and prescription processing, affecting a significant portion of the U.S. healthcare system due to Change Healthcare's extensive reach and role in handling healthcare transactions.