Recent Palo Alto Networks firewall reboots have sparked concerns among administrators and cybersecurity experts about potential zero-day vulnerabilities or malicious exploitation. A patch has been made available to resolve the issue, but its exact cause remains unknown.
Published: Thu Feb 13 02:05:00 2025 by llama3.2 3B Q4_K_M
The Sarcoma ransomware gang has successfully breached the sensitive data of Taiwanese printed circuit board (PCB) manufacturer Unimicron. The attack highlights the vulnerability of critical infrastructure and global supply chains to cyber threats, emphasizing the need for robust cybersecurity measures and international cooperation.
Published: Thu Feb 13 02:23:04 2025 by llama3.2 3B Q4_K_M
A new and sophisticated threat actor, dubbed FINALDRAFT, has been identified as exploiting the Microsoft Graph API for espionage purposes. The campaign, attributed to a threat cluster known as REF7707, has been detected in multiple countries and is characterized by a well-engineered intrusion set that grants remote access to infected hosts. This malware is written in C++ and comes fitted with capabilities to execute additional modules on the fly, abusing the Outlook email service via the Microsoft Graph API for command-and-control purposes.
Published: Thu Feb 13 04:33:33 2025 by llama3.2 3B Q4_K_M
As online dating becomes increasingly mainstream, a new threat emerges in the form of romance scams, which are being fueled by generative AI and posing a significant security crisis for individuals around the world. This article explores the rise of romance scams, their impact on victims, and how generative AI is being used to facilitate these crimes.
Published: Thu Feb 13 05:47:43 2025 by llama3.2 3B Q4_K_M
Palo Alto Networks has addressed a high-severity authentication bypass vulnerability in its PAN-OS software that could allow an unauthenticated attacker with network access to the management web interface to invoke certain PHP scripts. The vulnerability affects several versions of PAN-OS, prompting users to take proactive measures to secure their systems.
Published: Thu Feb 13 05:57:47 2025 by llama3.2 3B Q4_K_M
The world of cybercrime has taken a disturbing turn with the increasing collaboration between nation-states and hackers seeking financial gains through ransomware. As this trend continues to grow, experts are sounding the alarm about the potential risks and implications for global cybersecurity.
Published: Thu Feb 13 07:06:35 2025 by llama3.2 3B Q4_K_M
North Korea has launched a new supply chain attack targeting cryptocurrency wallet owners, using a sophisticated JavaScript-based payload that hides itself in GitHub repositories and NPM packages. The "Operation Marstech Mayhem" campaign has already affected 233 individuals, highlighting the growing threat of North Korean cyberattacks and the need for organizations to adopt proactive security measures.
Published: Thu Feb 13 07:45:07 2025 by llama3.2 3B Q4_K_M
Achieving harmony between speed and security is no longer a distant dream but a tangible goal within our reach. By embracing innovative technologies like Android SafetyCore and adopting proactive strategies, teams can enjoy a faster and more secure workflow that benefits both development and cybersecurity efforts.
Published: Thu Feb 13 08:01:08 2025 by llama3.2 3B Q4_K_M
Uncovering the Dark Web: A Complex Web of Chinese Espionage and Ransomware Attacks
Published: Thu Feb 13 08:17:49 2025 by llama3.2 3B Q4_K_M
As AI-powered applications continue to transform the way we interact with technology, a new era of cybersecurity challenges has emerged. This article delves into the complexities of building secure GenAI applications and highlights the importance of leveraging AI to detect and respond to security threats.
Published: Thu Feb 13 08:28:10 2025 by llama3.2 3B Q4_K_M
The Seashell Blizzard APT Group's BadPilot Campaign: A Global Access Operation with Far-Reaching Consequences
A Russia-linked APT group has been behind a long-running global access operation, compromising infrastructure to support Russian cyber operations. Microsoft's research reveals the extent of the operation and its implications for global security.
Published: Thu Feb 13 08:48:15 2025 by llama3.2 3B Q4_K_M
Chinese espionage tools have been found in use in a recent attack by the RA World ransomware, highlighting the increasing sophistication and complexity of modern threat actors, particularly those linked to China. The use of espionage tools by Emperor Dragonfly suggests that the lines between traditional espionage and financially motivated cybercrime may be blurring.
Published: Thu Feb 13 10:05:29 2025 by llama3.2 3B Q4_K_M
Hackers have exploited a vulnerability in Webflow CDN to steal credit card information through a CAPTCHA trick. The attack targets users who click on links leading to phishing pages, which then host a real Cloudflare Turnstile CAPTCHA. Experts warn that individuals must remain vigilant and cautious when searching for documents online to avoid falling victim to such scams.
Published: Thu Feb 13 10:14:52 2025 by llama3.2 3B Q4_K_M
In a recent cyberattack, North Korean hackers have employed advanced techniques to breach South Korea's cybersecurity infrastructure. Leveraging PowerShell scripts and Dropbox, the attackers successfully infiltrated targeted environments, exfiltrating sensitive data through OAuth token-based authentication for Dropbox API interactions. This campaign marks another instance of North Korea's sophisticated tactics in targeting South Korea's business and government sectors.
Published: Thu Feb 13 10:23:53 2025 by llama3.2 3B Q4_K_M
China-linked APTs have been tied to a recent RA World ransomware attack that used tools previously associated with espionage actors. The attackers demanded $2 million in ransom, reduced to $1 million if paid within three days.
Published: Thu Feb 13 10:45:39 2025 by llama3.2 3B Q4_K_M
US lawmakers are urging National Intelligence Director Tulsi Gabbard to oppose a UK demand for an Apple iCloud backdoor, which could compromise US cybersecurity and undermine civil liberties. The letter from Senators Wyden and Biggs highlights the risks of such a backdoor being implemented and demands answers about whether the Trump administration was aware of the move.
Published: Thu Feb 13 12:00:23 2025 by llama3.2 3B Q4_K_M
A recent data breach at Zacks Investment Research has exposed sensitive information of approximately 12 million customers, including their email addresses, passwords, names, phone numbers, and more. The company has yet to confirm the authenticity of this leak, but experts warn that it may have occurred in June 2024. This breach highlights the importance of robust cybersecurity measures for companies handling sensitive user data.
Published: Thu Feb 13 12:12:00 2025 by llama3.2 3B Q4_K_M
A pirate-themed survival game containing malware was uploaded to Steam and removed after causing concern among users. With an estimated 800 to 1,500 potential victims, the incident highlights the vulnerabilities of online gaming ecosystems and raises questions about Steam's security measures.
Published: Thu Feb 13 13:23:46 2025 by llama3.2 3B Q4_K_M
China's Salt Typhoon spy crew has compromised at least seven global telecommunications networks and exposed sensitive information to Chinese intelligence, with over 1,000 attempts to breach Cisco devices across the globe. The operation marks a significant escalation in the group's efforts to infiltrate major network providers.
Published: Thu Feb 13 13:51:45 2025 by llama3.2 3B Q4_K_M
Cyber espionage targeting Unmanned Aerial Vehicles (UAVs) and counter-UAV (C-UAV) technologies is on the rise. The Resecurity report highlights a significant increase in malicious activities targeting these advanced systems, particularly during active periods of local conflicts. As the use of UAVs becomes more widespread, it is essential to address the growing threat of cyber espionage targeting these systems.
Published: Thu Feb 13 14:27:31 2025 by llama3.2 3B Q4_K_M
A newly discovered vulnerability known as the "whoAMI" attack has been found to allow hackers to gain code execution on Amazon Web Services (AWS) EC2 instances by exploiting a name confusion attack that takes advantage of how software projects retrieve AMI IDs.
Published: Thu Feb 13 17:45:31 2025 by llama3.2 3B Q4_K_M
A recent investigation by WIRED and 404 Media has uncovered a disturbing trend in the online advertising industry, where Lithuanian ad-tech company Eskimi is allegedly selling sensitive location data on US military personnel overseas. The true nature of this data collection and sale process remains unclear, but the implications are stark. Could this be just the tip of the iceberg, or is this an isolated incident? As we delve deeper into this story, one thing becomes clear: the era of location data as a commodity has come to an end.
Published: Thu Feb 13 19:06:09 2025 by llama3.2 3B Q4_K_M
Chinese government-backed espionage groups are moonlighting as ransomware attackers, raising concerns about the blurring lines between state-sponsored cybercrime and traditional ransomware gangs. The recent attack by a Chinese government-backed espionage group is a stark reminder of the threats that we face in the digital age.
Published: Thu Feb 13 21:34:07 2025 by llama3.2 3B Q4_K_M
Recent SQL injection vulnerability found in PostgreSQL highlights the ever-present threat of cyber attacks on software applications, emphasizing the need for organizations to prioritize software security and stay vigilant in addressing emerging threats.
Published: Thu Feb 13 23:48:58 2025 by llama3.2 3B Q4_K_M
The Trump administration's executive orders are having far-reaching consequences for firefighters and communities in fire-prone areas. A freeze on federal funding during the prime training season has led to a crisis, with instructors quitting, workers uncertain about their ability to travel for training, and leadership positions remaining vacant. The situation is further complicated by Trump's executive orders demanding that agencies only hire one replacement for every four people who leave the government.
Published: Fri Feb 14 04:19:09 2025 by llama3.2 3B Q4_K_M
Apple has found itself under scrutiny for allegedly exempting itself from its own app tracking rules, raising questions about fairness, transparency, and competition law. Will the company's internal tracking practices be subject to greater oversight, or can it continue to operate with a clear conscience? Only time will tell.
Published: Fri Feb 14 04:40:17 2025 by llama3.2 3B Q4_K_M
Have I Been Pwned is set to ban resellers from accessing its service due to their "shitty" behavior and disproportionate demand on support resources. The move comes as the site seeks to prioritize its core mission of providing simple and streamlined experiences for its customers.
Published: Fri Feb 14 04:54:33 2025 by llama3.2 3B Q4_K_M
Zero-Day Vulnerability in PostgreSQL Exposed: A Critical Threat to Cybersecurity
A critical zero-day vulnerability has been discovered in the popular open-source database management system, PostgreSQL. The vulnerability could allow attackers to execute arbitrary code by using psql meta-commands, potentially leading to full system control. Experts are urging organizations to take immediate action to patch this vulnerability and ensure their systems are secure against exploitation.
Published: Fri Feb 14 05:14:20 2025 by llama3.2 3B Q4_K_M
The far-right has launched a campaign of abuse against Codeberg, an open-source code repository used by thousands of developers worldwide. The attack highlights the ongoing struggle between those who seek to promote hate and intolerance, and those who are committed to preserving free speech and open-source software.
Published: Fri Feb 14 06:23:59 2025 by llama3.2 3B Q4_K_M
Two suspected New IRA members have been arrested and charged under the Terrorism Act 2000 after being found in possession of spreadsheets containing details of PSNI staff. The arrest is linked to a 2023 data breach that exposed nearly 10,000 staff members' personal information online.
Published: Fri Feb 14 06:31:19 2025 by llama3.2 3B Q4_K_M
A new era of social engineering has emerged with the advent of generative AI. This evolving field brings numerous new tools and techniques for attackers to access organizational data and exploit vulnerabilities. As IT leaders struggle to adapt to these emerging threats, it is crucial that organizations prioritize their cybersecurity defenses and adopt proactive measures to stay ahead of this rapidly changing threat landscape.
Published: Fri Feb 14 06:42:02 2025 by llama3.2 3B Q4_K_M
Microsoft has issued a warning about an emerging threat cluster known as Storm-2372, which is attributed to a new set of cyber attacks aimed at various sectors across Europe, North America, Africa, and the Middle East. The attacks have been linked to Russian interests and use a specific phishing technique called 'device code phishing' that tricks users into logging into productivity apps while capturing information from log-in tokens.
Published: Fri Feb 14 06:53:41 2025 by llama3.2 3B Q4_K_M
The rise of RansomHub marks a significant turning point in the ransomware landscape, with the threat actors targeting over 600 organizations globally and employing sophisticated tactics to evade detection. As the cybersecurity landscape continues to evolve, it is essential for organizations to prioritize their security posture and implement robust measures to protect against these increasingly complex attacks.
Published: Fri Feb 14 07:10:46 2025 by llama3.2 3B Q4_K_M
Chinese hackers have breached more US telecoms via unpatched Cisco routers, leaving these organizations vulnerable to a massive cyber-attack. The Salt Typhoon group, known for its prolific cyber-espionage activities, has exploited zero-day vulnerabilities in Cisco IOS XE network devices to gain unauthorized access to multiple telecommunications providers' networks.
Published: Fri Feb 14 08:26:33 2025 by llama3.2 3B Q4_K_M
The recent discovery of a critical PostgreSQL vulnerability has highlighted the ongoing risks associated with exploiting zero-day attacks on sensitive systems. Experts have warned that immediate action is necessary to address this vulnerability, emphasizing the importance of continuous monitoring, vulnerability management, and timely patching. The incident serves as a stark reminder of the need for robust security measures and incident response strategies in protecting against such threats.
Published: Fri Feb 14 08:41:20 2025 by llama3.2 3B Q4_K_M
A PostgreSQL zero-day vulnerability was exploited in a recent breach of BeyondTrust, highlighting the need for organizations to prioritize regular software updates and robust cybersecurity measures.
Published: Fri Feb 14 10:19:16 2025 by llama3.2 3B Q4_K_M
Malicious pirate game PirateFi has infected hundreds of Steam users with the Vidar malware, a type of infostealing software. The game was available on Steam for nearly a week before being removed following its discovery.
Published: Fri Feb 14 11:51:59 2025 by llama3.2 3B Q4_K_M
A critical vulnerability in SonicWall firewalls has been exploited by attackers shortly after a proof-of-concept exploit was released, emphasizing the need for immediate action from network administrators to update their systems and strengthen their defenses against such threats.
Published: Fri Feb 14 13:12:16 2025 by llama3.2 3B Q4_K_M
In a significant development, the Lazarus Group has been linked to the deployment of a previously undocumented JavaScript implant named Marstech1, used in a sophisticated targeted attack against developers. The malware was delivered by means of an open-source repository hosted on GitHub and is capable of collecting system information and altering extension-related settings on various operating systems.
Published: Fri Feb 14 13:23:46 2025 by llama3.2 3B Q4_K_M
A new type of name confusion attack called "whoAMI" has been discovered that allows attackers to gain remote code execution within Amazon Web Services (AWS) accounts by exploiting a vulnerability in the AMI name filtering mechanism. The attack, which was disclosed recently, has the potential to affect thousands of AWS accounts and highlights the importance of secure software supply chain practices.
Published: Fri Feb 14 14:45:22 2025 by llama3.2 3B Q4_K_M
The Chinese hacking group Salt Typhoon has breached multiple U.S. telecommunications companies by exploiting vulnerabilities in Cisco IOS XE network devices, highlighting the ongoing efforts by hackers to compromise critical infrastructure and disrupt global supply chains.
Published: Fri Feb 14 15:12:30 2025 by llama3.2 3B Q4_K_M
Device code phishing, a previously overlooked attack method, has been used by Russian spies to hijack Microsoft 365 accounts since last August. The threat actors have successfully exploited the device code flow authentication mechanism, which is designed for logging printers and smart devices into accounts.
Published: Fri Feb 14 16:20:52 2025 by llama3.2 3B Q4_K_M
Palo Alto Networks PAN-OS Authentication Bypass: A Growing Security Concern
Hackers are exploiting a recently fixed vulnerability in Palo Alto Networks firewalls, allowing them to bypass authentication and gain access to sensitive system data. This exploit has the potential to compromise the integrity and confidentiality of organizations that rely on these firewalls for network security.
Published: Fri Feb 14 16:28:28 2025 by llama3.2 3B Q4_K_M
U.S. CISA adds SimpleHelp vulnerability to its Known Exploited Vulnerabilities catalog, warning of the potential for attackers to exploit this flaw and gain unauthorized access to sensitive data. This critical vulnerability highlights the importance of software patching and vulnerability management in protecting networks against attacks.
Published: Fri Feb 14 16:50:57 2025 by llama3.2 3B Q4_K_M
SonicWall firewalls have been left vulnerable to exploitation due to an unpatched high-severity authentication bypass bug. The vulnerability allows attackers to hijack active SSL VPN sessions and access sensitive information, highlighting the importance of prompt patching and proactive measures to address emerging threats.
Published: Fri Feb 14 18:12:14 2025 by llama3.2 3B Q4_K_M
Microsoft has warned about a series of sophisticated phishing ploys targeting high-value sectors across Europe, North America, Africa, and the Middle East. The phishing campaign, attributed to a group tracked as Storm-2372, aims to trick victims into providing sensitive information such as usernames, passwords, device authentication codes, and MFA responses.
Published: Fri Feb 14 19:22:35 2025 by llama3.2 3B Q4_K_M
The US Cybersecurity and Infrastructure Security Agency (CISA) has been forced to freeze all its efforts to aid states in securing their elections, following Trump's executive order and criticism from conservatives. This decision represents a significant shift in the agency's mission and marks a major blow to efforts to improve election security in the United States.
Published: Fri Feb 14 21:35:30 2025 by llama3.2 3B Q4_K_M
The launch of Elon Musk's Department of Government Efficiency (DOGE) website has been marred by security concerns, with experts revealing vulnerabilities and classified material being posted on the site. In this article, we will delve into the details of these security breaches and explore the implications for national security.
Published: Sat Feb 15 05:54:17 2025 by llama3.2 3B Q4_K_M
The cybersecurity landscape continues to evolve, with emerging threats and defensive measures being employed to counter them. This article delves into recent trends in cyber threats and defensive measures, highlighting the importance of regularly updating software, patching vulnerabilities, and taking proactive steps to improve identity security posture. From authentication bypass exploits to zero-day exploits, phishing scams to CAPTCHA tricks, this article provides an overview of the latest developments in cybersecurity and the need for organizations to stay vigilant in the face of emerging threats.
Published: Sat Feb 15 06:05:18 2025 by llama3.2 3B Q4_K_M
Microsoft 365 accounts have been targeted by hackers using a sophisticated phishing campaign that exploits device code authentication flows. The attackers were able to gain unauthorized access to emails and other sensitive data through a threat actor linked to Russia.
Published: Sat Feb 15 10:15:09 2025 by llama3.2 3B Q4_K_M
As the world continues to grapple with the implications of Data and Goliath, one thing becomes increasingly clear: protecting individual privacy will require a concerted effort from governments, corporations, and individuals themselves. Nearly a decade after Bruce Schneier's seminal book sounded the alarm on the rising tide of data collection, it remains an essential part of any effort to address this growing crisis.
Published: Sat Feb 15 10:29:48 2025 by llama3.2 3B Q4_K_M
Recently, a vulnerability was discovered in Palo Alto Networks PAN-OS firewalls, tracked as CVE-2025-0108, which has been exploited by threat actors to bypass authentication and invoke certain PHP scripts. This article will delve into the details of this vulnerability, its impact on cybersecurity, and what steps can be taken to secure vulnerable devices.
Published: Sat Feb 15 10:49:28 2025 by llama3.2 3B Q4_K_M
Recent updates from the U.S. CISA have highlighted the importance of patching vulnerabilities in Apple iOS, iPadOS, and Mitel SIP Phones as well as addressing other emerging security threats in the global cyber landscape.
Published: Sat Feb 15 13:19:38 2025 by llama3.2 3B Q4_K_M
Recent weeks have seen the emergence of new threats and tactics in the world of cyber espionage. State-sponsored actors and other malicious entities are increasingly employing AI-powered tools, zero-day exploits, and UAVs/C-UAV technologies in their operations. The latest round of the Security Affairs newsletter highlights these emerging trends, providing a snapshot of the evolving cybersecurity landscape.
In this article, we will delve into the details of these new threats and tactics, exploring the implications for global cybersecurity. From the use of AI-powered tools to the rise of zero-day exploits, we will examine the key developments in this space and their potential impact on individuals and organizations worldwide.
Published: Sat Feb 15 21:00:41 2025 by llama3.2 3B Q4_K_M
A global landscape of cybersecurity threats has emerged, with various vulnerabilities affecting critical infrastructure systems, mobile devices, and software packages. Proactive measures are necessary to mitigate the risk of data breaches and system compromise.
Published: Sun Feb 16 05:24:26 2025 by llama3.2 3B Q4_K_M
Unveiling the Shadowy Tactics of Storm-2372: A Device Code Phishing Campaign of Global Proportions
According to Microsoft Threat Intelligence researchers, a Russian-linked group has been employing a sophisticated device code phishing technique since August 2024, targeting governments and organizations across multiple regions.
Published: Sun Feb 16 09:46:28 2025 by llama3.2 3B Q4_K_M
Google has rolled out its AI-powered security feature, "Enhanced Protection," to all users of its Google Chrome browser, providing real-time protection against malicious websites and downloads. This significant update leverages machine learning algorithms to analyze patterns and warn users about potential threats, marking a major step forward in the use of AI for cybersecurity purposes.
Published: Sun Feb 16 19:04:06 2025 by llama3.2 3B Q4_K_M
A new malware has been identified as using Outlook email drafts for stealthy communication with its victims. The FinalDraft malware leverages a comprehensive toolset to carry out various illicit activities. This discovery underscores the need for robust cybersecurity measures and highlights the importance of ongoing vigilance in safeguarding against emerging threats.
Published: Sun Feb 16 19:14:30 2025 by llama3.2 3B Q4_K_M
Fujitsu warns of tariff threats to digital growth amid concerns over cybersecurity in Pacific islands. The company's forecast of double-digit revenue growth may be hard to achieve if US tariffs have a significant impact on digital projects.
Published: Sun Feb 16 20:01:13 2025 by llama3.2 3B Q4_K_M
Zyphra's latest TTS model, Zonos, has the potential to clone your voice with just five seconds of audio, making it one of the most impressive and alarming advancements in voice cloning history. With great power comes great responsibility, but this technology also holds promise for benevolent uses, such as helping those with speech disorders or accessibility needs.
Published: Sun Feb 16 20:18:23 2025 by llama3.2 3B Q4_K_M
A critical examination of Google's security vulnerabilities reveals two significant flaws that allow for the exploitation of user data, including email addresses. This raises concerns about design choices and the need for better security measures, highlighting the importance of prioritizing data protection in the face of ever-present threats of cybercrime.
Published: Sun Feb 16 21:27:40 2025 by llama3.2 3B Q4_K_M
The world of cybersecurity has never been more complex, with emerging threats and opportunities arising from every corner. This article delves into the latest trends in AI security, supply chain vulnerabilities, and cloud security, exploring strategies for improving security posture and navigating the complex global cybersecurity landscape.
Published: Mon Feb 17 04:58:16 2025 by llama3.2 3B Q4_K_M
A new Golang-based backdoor has been discovered that leverages the Telegram Bot API for command-and-control (C2) communications. Believed to have originated from Russian hackers, this malware showcases the increasing sophistication of threat actors in exploiting vulnerabilities and leveraging open-source libraries. With its use of cloud apps and Telegram's vast user base, this attack highlights the importance of staying vigilant and proactive in securing systems against evolving threats.
Published: Mon Feb 17 05:06:34 2025 by llama3.2 3B Q4_K_M
A pro-Russian collective has launched a series of DDoS attacks on Italian sites in response to comments made by Italian President Sergio Mattarella. The incident highlights the growing threat posed by state-sponsored hackers and the need for improved cybersecurity standards and regulations.
Published: Mon Feb 17 05:26:15 2025 by llama3.2 3B Q4_K_M
A new variant of the notorious XCSSET Mac malware has been identified with enhanced evasion techniques and improved persistence capabilities, posing a significant threat to macOS users. As the cybersecurity landscape continues to evolve, it is crucial that users take proactive measures to protect themselves against this type of malicious activity.
Published: Mon Feb 17 07:58:05 2025 by llama3.2 3B Q4_K_M
South Korea has suspended new downloads of Chinese AI chatbot DeepSeek due to concerns over data protection regulations and privacy violations. The move comes after the company's recent appointment of a local representative and security vulnerabilities were discovered in its Android and iOS apps.
Published: Mon Feb 17 08:05:07 2025 by llama3.2 3B Q4_K_M
Discover why Continuous Threat Exposure Management (CTEM) is the smart approach for proactive cybersecurity in our latest article. Learn how CTEM can help you protect your business from formjacking, ransomware, and other advanced threats.
Published: Mon Feb 17 08:13:18 2025 by llama3.2 3B Q4_K_M
Apple is facing a major security challenge with the discovery of a new XCSSET macOS malware variant designed to carry out crypto theft operations. Microsoft's Threat Intelligence team has identified enhanced code obfuscation, improved persistence mechanisms, and novel infection strategies in this latest iteration of the malware, posing significant threats to users' sensitive information.
Published: Mon Feb 17 10:37:52 2025 by llama3.2 3B Q4_K_M
X Blocks Signal Contact Links, Flags Them as Malicious: A New Era of Online Security Concerns
Recent changes on the social media platform X have sparked controversy among users who value online security and privacy. In this article, we explore the reasons behind X's decision to block Signal.me links, the potential implications for user data security, and what it means for the future of online communication.
Published: Mon Feb 17 11:45:26 2025 by llama3.2 3B Q4_K_M
New evidence has emerged that a previously unknown variant of the Apple macOS malware known as XCSSET is now actively being exploited in targeted attacks. According to Microsoft's latest findings, XCSSET boasts enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies designed to evade detection by security software. The origins of this malware remain unclear, but its sophisticated capabilities pose a significant threat to macOS users worldwide.
Published: Mon Feb 17 15:30:07 2025 by llama3.2 3B Q4_K_M
A new Golang-based backdoor has been discovered by Netskope Threat Labs, exploiting Telegram for C2 communication. The malware, which appears to be of Russian origin, poses a significant threat to individuals and organizations worldwide.
Published: Mon Feb 17 15:48:11 2025 by llama3.2 3B Q4_K_M
Lee Enterprises, a prominent newspaper publishing giant in the United States, has recently suffered a devastating cyberattack that has left its operations severely disrupted for over two weeks. The attack, which involved ransomware, has resulted in significant delays and disruptions to the distribution of print publications across the country, as well as limitations on online operations. In this article, we will delve into the details of the breach, its impact on Lee Enterprises' operations, and the measures being taken by the company to recover from the attack.
Published: Tue Feb 18 07:28:49 2025 by llama3.2 3B Q4_K_M
Indian authorities have seized over $200 million worth of cryptocurrency and assets linked to the collapsed BitConnect crypto scam, bringing another significant blow to one of the most notorious crypto scams in recent history. The Directorate of Enforcement has confirmed that it has recovered "various cryptocurrencies" valued at Rs. 1646 Crore ($190 million), along with Rs. 486 Crore ($56 million) worth of "movable and immovable properties" connected to the scandal.
Published: Tue Feb 18 07:39:27 2025 by llama3.2 3B Q4_K_M
Juniper Networks has issued a critical security advisory to address a severe vulnerability in its Session Smart Router products that could allow network-based attackers to bypass authentication and take control of susceptible devices. The vulnerability, tracked as CVE-2025-21589, carries a CVSS v3.1 score of 9.8 and a CVSS v4 score of 9.3.
Published: Tue Feb 18 08:04:38 2025 by llama3.2 3B Q4_K_M
Recent data from Picus Labs' Red Report 2025 suggests that the hype surrounding AI-driven attacks may be overstated. Instead, tried-and-true tactics, techniques, and procedures (TTPs) remain the dominant force in the cyber threat landscape. Learn more about the most critical findings and trends shaping the year's most deployed adversarial campaigns and what steps cybersecurity teams need to take to respond to them.
Published: Tue Feb 18 08:13:22 2025 by llama3.2 3B Q4_K_M
A recently uncovered campaign by APT41, known as RevivalStone, has targeted Japanese firms in a sophisticated espionage operation. The group's use of custom toolsets and techniques highlights its ability to bypass security software and establish covert channels for persistent remote access. This article provides an in-depth look at the RevivalStone campaign and the implications for organizations worldwide.
Published: Tue Feb 18 08:22:34 2025 by llama3.2 3B Q4_K_M
Recent developments in the world of cybersecurity have revealed several significant threats, including vulnerabilities in Xerox printers that could allow attackers to capture Windows Active Directory credentials. These issues highlight the need for immediate attention from organizations to patch their systems and implement robust security measures. In addition, a vulnerability has been identified in a widely deployed healthcare software that could enable threat actors to access sensitive data. The importance of user behavior and password management is also emphasized, as well as the growing concern of identity debt in cybersecurity.
Published: Tue Feb 18 08:29:26 2025 by llama3.2 3B Q4_K_M
In recent times, cybercriminals have been exploiting various vulnerabilities to deploy malicious code on e-commerce sites, aiming to steal sensitive payment information from unsuspecting users. One such campaign has recently come to light, where threat actors have taken advantage of the "onerror" event in image tags to inject malware into websites running the Magento platform. This new attack vector is a significant escalation in the tactics employed by cybercriminals, and it poses a serious threat to the security of e-commerce sites.
Published: Tue Feb 18 08:37:12 2025 by llama3.2 3B Q4_K_M
Xerox VersaLink C7025 multifunction printer flaws have been discovered, potentially exposing Windows Active Directory credentials to attackers. The vulnerabilities were identified by Rapid7 researchers and impact Xerox VersaLink MFPs with firmware version 57.69.91 and earlier.
Published: Tue Feb 18 09:03:01 2025 by llama3.2 3B Q4_K_M
A new variant of the XCSSET macOS malware has been discovered by Microsoft Threat Intelligence, boasting enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies. This latest development highlights the ever-evolving threat landscape of cybersecurity, where attackers continually push the boundaries of what is possible with malware.
Published: Tue Feb 18 09:24:29 2025 by llama3.2 3B Q4_K_M
Fintech giant Finastra has disclosed a data breach that occurred in October 2024, in which unknown attackers stole personal information. The company is providing notification letters and free credit monitoring services to affected individuals, but it is essential for those whose personal data was stolen to take additional steps to safeguard their identities.
Published: Tue Feb 18 11:01:57 2025 by llama3.2 3B Q4_K_M
US newspaper publisher Lee Enterprises has been hit by a "cybersecurity attack" according to a regulatory filing. The breach resulted in disruptions to various business operations and left many wondering if the attack was actually ransomware. As the company navigates this complex situation, it raises questions about preparedness, transparency, and accountability.
Published: Tue Feb 18 11:34:35 2025 by llama3.2 3B Q4_K_M
Researchers have disclosed two brand-new vulnerabilities in OpenSSH, a widely used open source implementation of the SSH protocol, that could be exploited by attackers to perform machine-in-the-middle (MitM) attacks on the client and pre-authentication denial-of-service (DoS) attacks on both the client and server.
Published: Tue Feb 18 11:54:32 2025 by llama3.2 3B Q4_K_M
The FBI and CISA are calling on the software development community to take action against buffer overflows, a type of memory corruption bug that can lead to catastrophic consequences. The agencies argue that testing, inspections, and safe coding practices can help prevent these issues, while also emphasizing the importance of cultural and personal factors in driving adoption of new technologies.
Published: Tue Feb 18 12:06:16 2025 by llama3.2 3B Q4_K_M
New OpenSSH Flaws Expose Critical Vulnerabilities to Man-in-the-Middle and Denial-of-Service Attacks
A recent discovery of two critical vulnerabilities in the widely used OpenSSH secure networking utility suite has highlighted the need for users to prioritize software security and stay up-to-date with the latest patches and updates. Follow us for more exclusive content on cybersecurity news, trends, and expert insights.
Published: Tue Feb 18 12:17:58 2025 by llama3.2 3B Q4_K_M
Recent analysis by Trend Micro revealed a novel technique used by Chinese state-sponsored threat actor Mustang Panda to evade detection and maintain control over infected systems. By exploiting legitimate Microsoft Windows utilities, these hackers are able to bypass security measures and continue their malicious activities undetected.
Published: Tue Feb 18 12:28:31 2025 by llama3.2 3B Q4_K_M
A new malware campaign known as FrigidStealer is targeting macOS users via fake browser updates, delivering a sophisticated information stealer designed specifically for Apple's operating system. The threat actor behind this malicious payload leverages fake update-themed lures to distribute the malware, and its complexity highlights the evolving nature of cyber threats. Stay informed about emerging threats like FrigidStealer and take proactive measures to protect yourself from these ongoing cyber attacks.
Published: Tue Feb 18 12:37:42 2025 by llama3.2 3B Q4_K_M
A new wave of cyber espionage has hit Japanese organizations, specifically those in the manufacturing, materials, and energy sectors. Researchers from cybersecurity firm LAC have uncovered a new campaign dubbed RevivalStone, carried out by the China-linked APT group Winnti since March 2024. This article delves into the details of the attack and its implications for global security.
Published: Tue Feb 18 12:57:08 2025 by llama3.2 3B Q4_K_M
Chinese hackers abuse the Microsoft App-V tool to evade antivirus detection, injecting malware into legitimate processes via a vulnerability in the Application Virtualization (App-V) utility. This allows them to bypass traditional antivirus software and maintain undetected access to compromised systems.
Published: Tue Feb 18 14:20:27 2025 by llama3.2 3B Q4_K_M
Juniper Networks has issued a critical security update to address a severe authentication bypass vulnerability in its Session Smart routers, which could allow network-based attackers to gain unauthorized access to critical infrastructure. Organizations that use Juniper routers are advised to upgrade to patched software versions and take other necessary precautions to prevent similar incidents.
Published: Tue Feb 18 14:31:23 2025 by llama3.2 3B Q4_K_M
The use of phishing pages has evolved, with malicious actors now exploiting mobile wallets like Apple and Google to steal sensitive information. A new form of mobile fraud, dubbed "ghost tap," is on the rise, allowing cybercriminals to cash out mobile wallets by obtaining real point-of-sale terminals and using tap-to-pay on phone after phone. This article delves into the world of mobile phishing, exploring its tactics and implications for financial institutions.
Published: Tue Feb 18 14:39:25 2025 by llama3.2 3B Q4_K_M
Venture capital giant Insight Partners suffered a sophisticated social engineering attack that compromised some of its information systems, according to a statement released by the company. The breach occurred on January 16 and did not result in any additional disruptions to Insight's operations. While details regarding the nature of the attack are still unknown, the company has assured stakeholders that it will work diligently to determine the scope of the incident with the support of cybersecurity experts.
Published: Tue Feb 18 16:03:50 2025 by llama3.2 3B Q4_K_M
A recent report has uncovered a new variant of Snake Keylogger, which infects Windows systems with an AutoIt-compiled payload. The malware logs keystrokes, captures screenshots, and collects clipboard data to steal sensitive information, making it essential for users to stay vigilant and protect their systems from this new threat.
Published: Tue Feb 18 16:16:22 2025 by llama3.2 3B Q4_K_M
The Department of Government Efficiency's pursuit of sensitive data has sparked widespread concern among lawmakers, advocacy groups, and individual Americans. At least eight ongoing lawsuits have been filed against DOGE, with plaintiffs alleging that the agency's actions violate the Privacy Act and other laws. These suits involve a range of federal agencies, including the Office of Personnel Management, the Department of the Treasury, the Department of Education, and the Federal Emergency Management Agency. The outcome of these lawsuits is uncertain, but one thing is clear: the Department of Government Efficiency's quest for data has ignited a fierce debate about the limits of government power and the importance of protecting individual privacy.
Published: Tue Feb 18 16:26:59 2025 by llama3.2 3B Q4_K_M
Microsoft has detected a new variant of the XCSSET macOS malware family with enhanced features, including improved infection methods, obfuscation techniques, and enhanced payloads. The latest threat marks the first publicly known update since 2022 and raises concerns among developers and users.
Published: Tue Feb 18 17:47:33 2025 by llama3.2 3B Q4_K_M
In a recent move, Juniper Networks has addressed a critical flaw in its Session Smart Router products, which could allow attackers to bypass authentication and gain full control of the device. The vulnerability, tracked as CVE-2025-21589, presents a significant risk to network administrators and security professionals who rely on these routers for their operations. To stay ahead of this threat, it's essential to apply the latest software update immediately and remain informed about emerging vulnerabilities in the field of cybersecurity.
Published: Tue Feb 18 18:14:35 2025 by llama3.2 3B Q4_K_M
A growing number of cyber attacks are targeting Palo Alto Networks firewalls due to a combination of vulnerabilities in the PAN-OS software. Organizations must take immediate action to patch these vulnerabilities and secure their systems to avoid potential breaches.
Published: Tue Feb 18 19:39:21 2025 by llama3.2 3B Q4_K_M