Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking
Nov 25, 2024
Categories
Top Articles
NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
Nov 22, 2024
Financial Software Company Finastra Investigates Recent Security Incident
Nov 21, 2024
Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Nov 21, 2024
Apple, Oracle, and Apache Issue Critical Updates for Actively Exploited and High-Risk Vulnerabilities
Nov 20, 2024
Jun 02, 2023
Attackers Exploit Critical Zero-Day Vulnerability in MOVEit Transfer
Attackers Exploit Critical Zero-Day Vulnerability in MOVEit Transfer [Update] July 18, 2023: A notorious cybercrime group’s MOVEit attack has affected 340 organizations and over 18 million indiv...
Learn More
Jun 01, 2023
CVE-2023-33733 Vulnerability in ReportLab Allows Bypassing Sandbox Res...
CVE-2023-33733 Vulnerability in ReportLab Allows Bypassing Sandbox Restrictions A proof-of-concept (PoC) exploit and a technical write-up for a ReportLab vulnerability are now available. The...
Learn More
May 31, 2023
Android Spyware SpinOk Affects Over 420M Installations on Google Play
Android Spyware SpinOk Affects Over 420M Installations on Google Play Researchers have discovered a new Android trojan, and they track it as “SpinOk.” The trojan is distributed a...
Learn More
May 30, 2023
Exposed Forum Reveals RaidForums Database: 478K Members' Details Leake...
Exposed Forum Reveals RaidForums Database: 478K Members’ Details Leaked A database for the infamous RaidForums has been made public. An administrator posted the database on a new hacki...
Learn More
May 29, 2023
Google's New ZIP Domain Could Be Used for Phishing and Malware Attacks
Google’s New ZIP Domain Could Be Used for Phishing and Malware Attacks Security researchers have found how attackers could potentially exploit the new ZIP TLD offered by Google. A new ...
Learn More
May 26, 2023
Apache HTTP Server Vulnerability CVE-2023-25690: PoC Available
Apache HTTP Server Vulnerability CVE-2023-25690: PoC Available The Apache Foundation announced on March 7, 2023, that they had addressed CVE-2023-25690 in Apache HTTP Server 2.4.56. The fix,...
Learn More
May 25, 2023
Luxottica Data Leak Exposes Over 70M Customers' Data
Luxottica Data Leak Exposes Over 70M Customers’ Data Luxottica, the world’s largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal inform...
Learn More
May 24, 2023
Cloud Threat Actor Spotlight: GUI-vil's Strategies in AWS Compromises
Cloud Threat Actor Spotlight: GUI-vil’s Strategies in AWS Compromises Researchers have been tracking a financially motivated threat group known as GUI-vil (aka p0-LUCR-1), based in Indonesia, wh...
Learn More
May 22, 2023
IcedID Macro Attacks Deploy Nokoyawa Ransomware
IcedID Macro Attacks Deploy Nokoyawa Ransomware Malicious actors frequently resort to alternative techniques to gain initial access, such as employing diverse file formats and payloads. It is importan...
Learn More
May 18, 2023
G7: Cybersecurity Reflections
G7: Cybersecurity Reflections The G7 Cybersecurity Summit 2023 is just around the corner and is being held in Hiroshima, Japan, which is a city that was devastated by an atomic bomb attack in 1945, no...
Learn More
May 18, 2023
Vulnerability in KeePass Password Manager Permits Retrieving Master Pa...
Vulnerability in KeePass Password Manager Permits Retrieving Master Password (CVE-2023-32784) [Update] June 6, 2023: KeePass has fixed the CVE-2023-32784 vulnerability in version 2.54. Attacks leverag...
Learn More
May 17, 2023
Network Devices Under Threat: Mustang Panda Targets TP-Link Routers, C...
Network Devices Under Threat: Mustang Panda Targets TP-Link Routers, Critical Teltonika Vulnerabilities The attacks targeting European foreign affairs entities since January 2023 have been attributed...
Learn More
May 15, 2023
Recent Data Breaches: Capita, Toyota, and Discord
Recent Data Breaches: Capita, Toyota, and Discord [Update] June 6, 2023: Capita was previously unable to confirm whether hackers had exfiltrated any data. Some USS (Universities Superannuation Scheme...
Learn More
May 12, 2023
Essential Addons for Elementor WordPress Plugin Allows Privilege Escal...
Essential Addons for Elementor WordPress Plugin Allows Privilege Escalation (CVE-2023-32243) A popular WordPress plugin called Essential Addons for Elementor has a security vulnerability, tracked as C...
Learn More
May 11, 2023
Scammers Distribute Malware via Verified Account Ads on Facebook
Scammers Distribute Malware via Verified Account Ads on Facebook Scamming campaigns frequently involve threat actors impersonating businesses or significant individuals. However, a recent trend of Fac...
Learn More
May 10, 2023
Increased Healthcare Security Breaches in 2022
Increased Healthcare Security Breaches in 2022 Data from the US government shows that there has been a significant increase in healthcare security breaches. At least 125 data breaches of healthcare o...
Learn More
May 10, 2023
Microsoft's May 2023 Patch Tuesday Addresses Three Zero-Day Vulnerabil...
Microsoft’s May 2023 Patch Tuesday Addresses Three Zero-Day Vulnerabilities Microsoft has released the May 2023 Patch Tuesday update and it addresses 40 security vulnerabilities. The patch addre...
Learn More
May 10, 2023
Ever-Changing Tactics on Social Engineering
Ever-Changing Tactics on Social Engineering In today’s digital age, cyber threats are becoming increasingly common, and one of the most prevalent types of attacks is phishing. Phishing involves ...
Learn More
May 09, 2023
Money Message Ransomware Leaks MSI Signing Keys for Intel Boot Guard
Money Message Ransomware Leaks MSI Signing Keys for Intel Boot Guard MSI, a leading Taiwanese PC manufacturer, suffered a ransomware attack last month. The threat actors behind the...
Learn More
May 08, 2023
Cactus Ransomware Employs Unique Encryption Techniques to Avoid Detect...
Cactus Ransomware Employs Unique Encryption Techniques to Avoid Detection Researchers discovered a new ransomware group called Cactus, operating since at least March 2023. Cactus steals data and ...
Learn More
