North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
A "highly operational, destructive, and sophisticated nation-state activity group" with ties to North Korea has been weaponizing open source software in their social engineering...
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
An espionage-focused threat actor has been observed using a steganographic trick to conceal a previously undocumented backdoor in a Windows logo in its attacks...
New NullMixer Malware Campaign Stealing Users’ Payment Data and Credentials
Cybercriminals are continuing to prey on users searching for cracked software by directing them to fraudulent websites hosting weaponized installers that deploy malware called...
RCE Bug in ZOHO Products Let Hackers Execute Arbitrary Code Remotely
CISA’s bug catalog has been updated with a new vulnerability related to Java deserialization, which has been exploited in the wild by malicious threat...
New Go-based Malware Attack Windows & Linux Systems
The cybersecurity researchers at Lumen’s Black Lotus Labs asserted that in order to mine crypto-currencies and launch DDoS attacks, hackers are deploying an existing...
Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware
Dec 10, 2022Ravie LakshmananEnterprise Security / IP Phones
Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone 7800...
Experts Uncover 85 Apps with 13 Million Downloads Involved in Ad Fraud Scheme
As many as 75 apps on Google Play and 10 on Apple App Store have been discovered engaging in ad fraud as part of...
LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen
Dec 23, 2022Ravie LakshmananPassword Management / Data Breach
The August 2022 security breach of LastPass may have been more severe than previously disclosed by...
BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal
The BlackCat ransomware crew has been spotted fine-tuning their malware arsenal to fly under the radar and expand their reach.
"Among some of the more...
BIND DNS Software High-Severity Flaws Let Hackers Trigger the Attack
The ISC (Internet Systems Consortium) released a security patch this week in an attempt to address six vulnerabilities that could allow remote attackers to...