Malware & Threats Archives

SECURITYWEEK NETWORK:

ICS:

Hi, what are you looking for?

CVE-2024-21338 zero-day exploited by North Korea

Email Security

US Says North Korean Hackers Exploiting Weak DMARC Settings

The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks.

Ionut Arghire2 days ago

Cybercrime

Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals

A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.

Ionut Arghire2 days ago

Malware & Threats

Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push

Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program.

Ionut Arghire4 days ago

Malware & Threats

Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data

Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic.

Ryan Naraine4 days ago

Malware & Threats

Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server

The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal.

Ionut Arghire4 days ago

Malware & Threats

Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover

Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.

Ionut Arghire5 days ago

Malware & Threats

Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected

Kaspersky analyzes the stealth techniques that were used in the ‘Operation Triangulation’ iOS zero-click attacks.

Ionut ArghireOctober 24, 2023

Malware & Threats

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant

The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant.

Eduard KovacsOctober 24, 2023

Malware & Threats

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has started dropping.

Eduard KovacsOctober 23, 2023

Cybercrime

Authorities Shut Down RagnarLocker Ransomware Infrastructure

The RagnarLocker ransomware group’s dark web leak site has been seized in a coordinated law enforcement operation.

Ionut ArghireOctober 20, 2023

Malware & Threats

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

The number of Cisco devices hacked via the CVE-2023-20198 zero-day has reached 40,000, including many in the US.

Eduard KovacsOctober 19, 2023

Cybercrime

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks.

Ryan NaraineOctober 18, 2023

Malware & Threats

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198.

Eduard KovacsOctober 18, 2023

Malware & Threats

Signal Pours Cold Water on Zero-Day Exploit Rumors

Privacy-focused messaging firm Signal is pouring cold water on widespread rumors of a zero-day exploit in its popular encrypted chat app.

Ryan NaraineOctober 16, 2023

Malware & Threats

Spyware Caught Masquerading as Israeli Rocket Alert Applications

A threat actor targets Israelis with spyware masquerading as an Android application for receiving rocket alerts.

Ionut ArghireOctober 16, 2023

Data Breaches

SEC Investigating Progress Software Over MOVEit Hack

Progress Software confirms the SEC has launched its own investigation into costly ransomware zero-days in the MOVEit file transfer software.

Ionut ArghireOctober 12, 2023

Malware & Threats

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin

A backdoor deployed on a compromised WordPress website poses as a legitimate plugin to hide its presence.

Ionut ArghireOctober 12, 2023

Application Security

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild.

Ryan NaraineOctober 10, 2023

Page 13 of 477« First ‹ Previous 9 10 11 121314 15 16 17 Next ›Last »

SECURITYWEEK NETWORK:

ICS:

Email Security

US Says North Korean Hackers Exploiting Weak DMARC Settings

Cybercrime

Botnet Disrupted by FBI Still Used by Russian Spies, Cybercriminals

Malware & Threats

Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push

Malware & Threats

Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data

Malware & Threats

Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server

Malware & Threats

Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover

Malware & Threats

Stealth Techniques Used in ‘Operation Triangulation’ iOS Attack Dissected

Malware & Threats

Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant

Malware & Threats

Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops

Cybercrime

Authorities Shut Down RagnarLocker Ransomware Infrastructure

Malware & Threats

Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,000

Cybercrime

Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw

Malware & Threats

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

Malware & Threats

Signal Pours Cold Water on Zero-Day Exploit Rumors

Malware & Threats

Spyware Caught Masquerading as Israeli Rocket Alert Applications

Data Breaches

SEC Investigating Progress Software Over MOVEit Hack

Malware & Threats

Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin

Application Security

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Featured

CISO Strategy

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report

Data Breaches

Hackers Compromised Dropbox eSignature Service

CISO Conversations

CISO Conversations: LinkedIn’s Geoff Belknap and Meta’s Guy Rosen

Incident Response

UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike

Vulnerabilities

Vulnerability in R Programming Language Could Fuel Supply Chain Attacks

Artificial Intelligence

CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure

Identity & Access

Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies

Latest News

Cybercrime

French Cyberwarriors Ready to Test Their Defense Against Hackers and Malware During the Olympics

Cyberwarfare

German Foreign Minister Says Russia will Face Consequences for Monthslong Cyber Espionage

Cloud Security

LayerX Raises $26 Million for Browser Security Platform

Data Protection

In Other News: Locked Shields 2024, Data Exposure Bugs, NVIDIA Patches

Vulnerabilities

CISA, FBI Urge Organizations to Eliminate Path Traversal Vulnerabilities

Nation-State

ArcaneDoor Espionage Campaign Targeting Cisco Firewalls Linked to China

Artificial Intelligence

Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster