Stay Updated with the Latest Tech News
Get ahead of the curve with the latest insights, trends, and analysis in the tech world.
Browse by Category
Managing Threats When Most of the Security Team Is Out of the Office
During holidays and slow weeks, teams thin out and attackers move in.Here are strategies to bridge gaps, stay vigilant, and keep systems secure during those lulls.
Published on: December 20, 2024 | Source:
Share on Facebook
Share in Tweet (rip twitter)
Share on LinkedIn
Share on Reddit
Share on Threads
Share on Bluesky
Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware
The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The attacks, which culminated in the deployment of a new modular backdoor referred to as CookiePlus, are
Published on: December 20, 2024 | Source:ESET Research Podcast: Telekopye, again
Take a peek into the murky world of cybercrime where groups of scammers who go by the nickname of 'Neanderthalsβ wield the Telekopye toolkit to ensnare unsuspecting victims they call 'Mammoths'
Published on: December 20, 2024 | Source:Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware. Following the discovery, versions 1.1.7 of both libraries have been unpublished from the npm registry. The latest
Published on: December 20, 2024 | Source:Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of vulnerabilities is as follows -
Published on: December 20, 2024 | Source:Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted
Published on: December 20, 2024 | Source:CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2024-12356 (CVSS score: 9.8), is a command injection flaw that
Published on: December 20, 2024 | Source:Study finds βsignificant uptickβ in cybersecurity disclosures to SEC
However, less than 10% of the disclosures addressed the material impacts of the security incidents. The post Study finds βsignificant uptickβ in cybersecurity disclosures to SEC appeared first on CyberScoop.
Published on: December 19, 2024 | Source:OT/ICS Engineering Workstations Face Barrage of Fresh Malware
Cyberattacks against OT/ICS engineering workstations are widely underestimated, according to researchers who discovered malware designed to shut down Siemens workstation engineering processes.
Published on: December 19, 2024 | Source:Fortinet Addresses Unpatched Critical RCE Vector
Fortinet has patched CVE-2023-34990 in its Wireless LAN Manager (FortiWLM), which combined with CVE-2023-48782 could allow for unauthenticated remote code execution (RCE) and the ability to read all log files.
Published on: December 19, 2024 | Source:Israeli court to hear U.S. extradition request for alleged LockBit developer
Rostislav Panev allegedly served as a software developer for LockBit. The post Israeli court to hear U.S. extradition request for alleged LockBit developer appeared first on CyberScoop.
Published on: December 19, 2024 | Source:Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn't enough to fix it.
Published on: December 19, 2024 | Source:Bridging the 'Keyboard-to-Chair' Gap With Identity Verification
Modern identity verification (IDV) approaches aim to connect digital credentials and real-world identity without sacrificing usability.
Published on: December 19, 2024 | Source:Vendors Chase Potential of Non-Human Identity Management
Non-human identities authenticate machine-to-machine communication. The big challenge now is to secure their elements and processes β before attackers can intercept.
Published on: December 19, 2024 | Source:Web Hacking Service βAraneidaβ Tied to Turkish IT Firm
Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey.
Published on: December 19, 2024 | Source:Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets
The CNCERT said it had βhandledβ two attacks on Chinese tech companies, which it attributed to an unnamed suspected U.S. intelligence agency. The post Chinese cyber center points finger at U.S. over alleged cyberattacks to steal trade secrets appeared first on CyberScoop.
Published on: December 19, 2024 | Source:Malvertisers Fool Google With AI-Generated Decoy Content
Seemingly innocent "white pages," including an elaborate Star Wars-themed site, are bypassing Google's malvertising filters, showing up high in search results to lure users to second-stage phishing sites.
Published on: December 19, 2024 | Source:CISA Releases Draft of National Cyber Incident Response Plan
The draft of the long-awaited update to the NCIRP outlines the efforts, mechanisms, involved parties, and decisions the US government will use in response to a large-scale cyber incident.
Published on: December 19, 2024 | Source:Mailbox Insecurity
It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs a postal carrier, they can open any mailbox. I get that a single master key makes the whole system easier, but itβs very fragile security.
Published on: December 19, 2024 | Source:Ukrainian sentenced to five years in jail for work on Raccoon Stealer
Ukrainian national Mark Sokolovsky was sentenced Wednesday to five years in federal prison for his role in operating Raccoon Infostealer malware, which infiltrated millions of computers worldwide to steal personal data. According to court documents, Sokolovsky, 28, was integral to operations that allowed the leasing of Raccoon Infostealer for $200 per month, payable via cryptocurrency. [β¦] The post Ukrainian sentenced...
Published on: December 19, 2024 | Source:Supply Chain Risk Mitigation Must Be a Priority in 2025
A balance of rigorous supplier validation, purposeful data exposure, and meticulous preparation is key to managing and mitigating risk.
Published on: December 19, 2024 | Source:Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are engineered to download a trojan and retrieve second-stage payloads, respectively. "While typosquatting attacks are
Published on: December 19, 2024 | Source:Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company said it's issuing the advisory after "several customers" reported anomalous behavior on their Session Smart Network (SSN) platforms on December 11, 2024. "These systems have been infected with the Mirai
Published on: December 19, 2024 | Source:Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0. It was originally fixed by Fortinet back on August 18, 2023, but without a CVE designation. The list of supported FortiOS
Published on: December 19, 2024 | Source:Unwrapping Christmas scams | Unlocked 403 cybersecurity podcast (ep. 9)
ESET's Jake Moore reveals why the holiday season is a prime time for scams, how fraudsters prey on victims, and how AI is supercharging online fraud
Published on: December 19, 2024 | Source:Unwrapping Christmas scams | Unlocked 403 cybersecurity podcast (special edition)
ESET's Jake Moore reveals why the holiday season is a prime time for scams, how fraudsters prey on victims, and how AI is supercharging online fraud
Published on: December 19, 2024 | Source:CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines. "Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls,
Published on: December 19, 2024 | Source:Dutch DPA Fines Netflix β¬4.75 Million for GDPR Violations Over Data Transparency
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix 4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020. An investigation launched by the DPA in 2019 found that the tech giant did not inform customers clearly enough in its privacy statement about what it does with the data
Published on: December 19, 2024 | Source:UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by the Ministry of Defence back in August 2024 in an effort to make the armed forces go paperless. Users who visit the
Published on: December 19, 2024 | Source:India Sees Surge in API Attacks, Especially in Banking, Utilities
The number of DDoS-related incidents targeting APIs have jumped by 30x compared with traditional Web assets, suggesting that attackers see the growing API landscape as the more attractive target.
Published on: December 19, 2024 | Source:Interpol: Can We Drop the Term 'Pig Butchering'?
The agency asks the cybersecurity community to adopt "romance baiting" in place of dehumanizing language.
Published on: December 18, 2024 | Source:Recorded Future: Russia's 'Undesirable' Designation Is a Compliment
The threat intelligence business, which is set to be acquired by Mastercard for billions, is officially vendor non grata in Putin's regime.
Published on: December 18, 2024 | Source:Russia bans cybersecurity company Recorded Future
The designation won cheers from the CEO of the firm, believed to be the first information security company to garner the label. The post Russia bans cybersecurity company Recorded Future appeared first on CyberScoop.
Published on: December 18, 2024 | Source:CISA pushes guide for high-value targets to secure mobile devices
The guide comes as the government continues to deal with the fallout of the Salt Typhoon hack. The post CISA pushes guide for high-value targets to secure mobile devices appeared first on CyberScoop.
Published on: December 18, 2024 | Source:Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign
Attackers are using links to the popular Google scheduling app to lead users to pages that steal credentials, with the ultimate goal of committing financial fraud.
Published on: December 18, 2024 | Source: