Stay Updated with the Latest Tech News



New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. "To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "

Published on: December 11, 2024 | Source: The Hacker News

Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware

The sixth round of tests included two ransomware variants, while also incorporating macOS for the first time. The post Latest round of MITRE ATT&CK evaluations put cybersecurity products through rigors of ransomware appeared first on CyberScoop.

Published on: December 11, 2024 | Source: CyberScoop

Tips for Preventing Breaches in 2025

Hackers are constantly evolving, and so too should our security protocols.

Published on: December 11, 2024 | Source: Dark Reading

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim's account. "The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide the

Published on: December 11, 2024 | Source: The Hacker News

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. "Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an interactive shell

Published on: December 11, 2024 | Source: The Hacker News

Why Americans must be prepared for cybersecurity's worst

A Republican congressman from Texas makes the case for cybersecurity as "a cornerstone" of the GOP agenda. The post Why Americans must be prepared for cybersecurity's worst appeared first on CyberScoop.

Published on: December 11, 2024 | Source: CyberScoop

Jailbreaking LLM-Controlled Robots

Surprising no one, it's easy to trick an LLM-controlled robot into ignoring its safety instructions.

Published on: December 11, 2024 | Source: Schneier on Security

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

Cybersecurity researchers have discovered a novel surveillance program that's suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices. The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform as recently as

Published on: December 11, 2024 | Source: The Hacker News

What is Nudge Security and How Does it Work?

Regain control of SaaS sprawl with Day One discovery of all SaaS and GenAI accounts along with workflows to help you mitigate security risks, curb rogue app usage, and manage SaaS spend. In today's highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to

Published on: December 11, 2024 | Source: The Hacker News

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat Hunter Team

Published on: December 11, 2024 | Source: The Hacker News

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability

Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the vulnerabilities are remote code execution flaws, and 27 of them allow for the

Published on: December 11, 2024 | Source: The Hacker News

Governments, Telcos Ward Off China's Hacking Typhoons

Infiltrating other nations' telecom networks is a cornerstone of China's geopolitical strategy, and it's having the unintended consequence of driving the uptake of encrypted communications.

Published on: December 11, 2024 | Source: Dark Reading

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. Guan has been

Published on: December 11, 2024 | Source: The Hacker News

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows - CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote

Published on: December 11, 2024 | Source: The Hacker News

Patch Tuesday, December 2024 Edition

Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common…

Published on: December 11, 2024 | Source: Krebs on Security

Microsoft closes 2024 with extensive security update

Adobe, too. The post Microsoft closes 2024 with extensive security update appeared first on CyberScoop.

Published on: December 11, 2024 | Source: CyberScoop

Snowflake Rolls Out Mandatory MFA Plan

As part of the commitment to CISA's Secure by Design pledge, Snowflake will begin blocking sign-ins using single-factor authentication next year.

Published on: December 10, 2024 | Source: Dark Reading

FCC Proposes New Cybersecurity Rules for Telecoms

FCC Chairwoman Jessica Rosenworcel recommended "urgent action" to safeguard the nation's communications systems from real and present cybersecurity threats.

Published on: December 10, 2024 | Source: Dark Reading

Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday

The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.

Published on: December 10, 2024 | Source: Dark Reading

'Termite' Ransomware Likely Behind Cleo Zero-Day Attacks

The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks.

Published on: December 10, 2024 | Source: Dark Reading

Wyden legislation would mandate FCC cybersecurity rules for telecoms

It would go beyond the FCC's own proposal to regulate telecommunications carriers under federal wiretapping law. The post Wyden legislation would mandate FCC cybersecurity rules for telecoms appeared first on CyberScoop.

Published on: December 10, 2024 | Source: CyberScoop

Scottish Parliament TV at Risk From Deepfakes

Because the streaming service website offers no content restrictions, attackers are able to hijack and manipulate live streams.

Published on: December 10, 2024 | Source: Dark Reading

Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack

The department's Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. The post Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack appeared first on CyberScoop.

Published on: December 10, 2024 | Source: CyberScoop

Cybercrime Gangs Abscond With Thousands of Orgs' AWS Credentials

The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.

Published on: December 10, 2024 | Source: Dark Reading

Cybercrime Gangs Abscond With Thousands of AWS Credentials

The Nemesis and ShinyHunters attackers scanned millions of IP addresses to find exploitable cloud-based flaws, though their operation ironically was discovered due to a cloud misconfiguration of their own doing.

Published on: December 10, 2024 | Source: Dark Reading

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged

Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo's LexiCom,

Published on: December 10, 2024 | Source: The Hacker News

Lessons From the Largest Software Supply Chain Incidents

The software supply chain is a growing target, and organizations need to take special care to safeguard it.

Published on: December 10, 2024 | Source: Dark Reading

Steady leadership prepares TSA to face evolving cyber threats

New presidents bring new policies. But amid rapidly expanding cyber threats, steady leadership at the federal agencies charged with securing critical infrastructure is, well, critical. David Pekoske, a retired U.S. Coast Guard vice admiral and administrator of the Transportation Security Administration, is uniquely positioned to provide that leadership. Congress showed foresight in 2018 by creating […] The post Steady...

Published on: December 10, 2024 | Source: CyberScoop

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam

Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zimperium zLabs researcher Vishnu Pratapagiri said in a new report. "As part of their fraudulent hiring process, the

Published on: December 10, 2024 | Source: The Hacker News

Full-Face Masks to Frustrate Identification

This is going to be interesting. It's a video of someone trying on a variety of printed full-face masks. They won't fool anyone for long, but will survive casual scrutiny. And they're cheap and easy to swap.

Published on: December 10, 2024 | Source: Schneier on Security

The Future of Network Security: Automated Internal and External Pentesting

In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay

Published on: December 10, 2024 | Source: The Hacker News

How cyber-secure is your business? | Unlocked 403 cybersecurity podcast (ep. 8)

As cybersecurity is a make-or-break proposition for businesses of all sizes, can your organization's security strategy keep pace with today's rapidly evolving threats?

Published on: December 10, 2024 | Source: WeLiveSecurity

Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands

Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds. As part of the international operation, law enforcement agencies carried out 17 searches in different locations in Belgium and the Netherlands, Europol said. In addition, large amounts of cash,

Published on: December 10, 2024 | Source: The Hacker News

Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage

A suspected China-nexus cyber espionage group has been attributed to attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, cybersecurity companies SentinelOne SentinelLabs and Tinexta Cyber said in a joint report shared with The Hacker News, adding

Published on: December 10, 2024 | Source: The Hacker News

Sprawling 'Operation Digital Eye' Attack Targets European IT Orgs

A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS Code, with an eye to carrying out a supply-chain-based espionage attack.

Published on: December 10, 2024 | Source: Dark Reading