Chinese state-sponsored hackers, Salt Typhoon, used the JumbledPath utility in their attacks against US telecommunication providers to stealthily monitor network traffic and potentially steal sensitive data, a new Cisco report revealed. In the report published by Cisco Talos on February 20, the researchers confirmed Salt Typhoon gained access to core networking infrastructure through Cisco devices
admin
A North Korea-aligned activity cluster tracked by ESET as DeceptiveDevelopment drains victims’ crypto wallets and steals their login details from web browsers and password managers 20 Feb 2025 ESET researchers have observed a malicious campaign where North Korea-aligned threat actors, posing as headhunters, target freelance software developers with info-stealing malware. The activities – named DeceptiveDevelopment
Feb 21, 2025Ravie LakshmananData Protection / Encryption Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg. ADP for iCloud is an optional setting that ensures that users’ trusted devices
A new malware campaign targeting freelance developers has been using deceptive job advertisements to trick them into downloading malicious software disguised as legitimate tools. The campaign primarily spreads through GitHub repositories and relies on freelancers’ eagerness to secure remote work opportunities. The attackers pose as reputable companies, offering freelance developers attractive job opportunities. To make
Some employment scams take an unexpected turn as cybercriminals shift from “hiring” to “firing” staff Phil Muncaster 18 Feb 2025 • , 5 min. read Most of us are in a job or looking for one. Or both. That’s largely why employment and work-from-home scams are so popular among cybercriminals (and even some state-aligned threat
Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret. The activity, linked to North Korea, has been codenamed DeceptiveDevelopment, which overlaps with clusters tracked under the names Contagious Interview (aka CL-STA-0240), DEV#POPPER, Famous Chollima, PurpleBravo, and Tenacious Pungsan. The
A critical vulnerability in the Jupiter X Core WordPress plugin, used on over 90,000 websites, has been identified by security researchers. The flaw, discovered on January 6, allows attackers with contributor privileges or higher to upload malicious SVG files and execute remote code on vulnerable servers. The issue (CVE-2025-0366) has been given a CVSS score
Ever wondered what it’s like to hack for a living – legally? Learn about the art and thrill of ethical hacking and how white-hat hackers help organizations tighten up their security. 12 Feb 2025 What if breaking into computer systems, tricking people into handing over passwords, and even sneaking into buildings was part of your
Feb 19, 2025Ravie LakshmananMobile Security / Cyber Espionage Multiple Russia-aligned threat actors have been observed targeting individuals of interest via the privacy-focused messaging app Signal to gain unauthorized access to their accounts. “The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app’s legitimate ‘linked devices’
Two significant security vulnerabilities in networking utility OpenSSH have been uncovered by security researchers. These flaws, identified as CVE-2025-26465 and CVE-2025-26466, pose risks of man-in-the-middle (MitM) and denial-of-service (DoS) attacks. The vulnerabilities, reported by the Qualys Security Advisory team, have prompted the release of OpenSSH 9.9p2, which addresses these issues. Details of the Vulnerabilities CVE-2025-26465:
WeLiveScience The atmospheric scientist makes a compelling case for a head-to-heart-to-hands connection as a catalyst for climate action 17 Feb 2025 Most people acknowledge that climate change is real and human-driven, yet many still struggle to see how it directly affects their lives. To bridge this gap, Dr. Katharine Hayhoe introduces a simple but powerful
Feb 18, 2025Ravie LakshmananVulnerability / Network Security Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below – CVE-2025-26465
A pro-Russia hacker group, NoName057(16), has launched a wave of DDoS (distributed denial-of-service) attacks targeting key Italian organizations. Early on Monday, the group disrupted the websites of major airports in Milan, including Linate and Malpensa, as well as the Transport Authority, the Intesa San Paolo bank and the ports of Taranto and Trieste. The attacks were
Kids Online The virtual treasure chests and other casino-like rewards inside your children’s games may pose risks you shouldn’t play down 13 Feb 2025 • , 5 min. read Historically, many video games followed a straightforward economic model: pay once, play forever. These days, however, purchasing a game is often just the beginning. At the
Feb 17, 2025Ravie LakshmananEndpoint Security / Malware Microsoft said it has discovered a new variant of a known Apple macOS malware called XCSSET as part of limited attacks in the wild. “Its first known variant since 2022, this latest XCSSET malware features enhanced obfuscation methods, updated persistence mechanisms, and new infection strategies,” the Microsoft Threat
Chinese-linked espionage tools have been deployed in a ransomware attack, highlighting possible new links between China nation-state activity and cybercrime. Symantec researchers observed the connection while analyzing a ransomware attack against an Asian software and services company in November 2024. This attack resulted in the network’s machines being encrypted with the RA World ransomware, with
Feb 14, 2025Ravie LakshmananBrowser Security / Cryptocurrency The North Korean threat actor known as the Lazarus Group has been linked to a previously undocumented JavaScript implant named Marstech1 as part of limited targeted attacks against developers. The active operation has been dubbed Marstech Mayhem by SecurityScorecard, with the malware delivered by means of an open-source
The UK’s AI Safety Institute has rebranded to the AI Security Institute as the government shifts its AI strategy to focus on serious AI risks with security implications, including malicious cyber-attacks, cyber fraud and other cybercrimes. The UK Technology Secretary Peter Kyle announced the pivot at the Munich Security Conference, three days after the AI Action Summit
Feb 15, 2025Ravie LakshmananMobile Security / Technology Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The
Multiple Russian nation-state actors are targeting sensitive Microsoft 365 accounts via device code authentication phishing, a new analysis by Volexity has revealed. The firm first observed this activity towards the end of January 2025, when the M365 account of one of its customers was successfully compromised in a highly targeted attack. The technique is more
Feb 14, 2025Ravie LakshmananVulnerability / DevOps Cybersecurity researchers have disclosed a new type of name confusion attack called whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. “If executed at scale, this attack could be used to gain
A new alert from the US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) has outlined strategies to eliminate buffer overflow vulnerabilities in software. Part of the Secure by Design Alert series, the report published on Wednesday emphasizes using memory-safe programming languages and other secure development practices to prevent these defects, which are
Feb 13, 2025Ravie LakshmananWeb Security / Cloud Security A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud. “The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF
The UK government-backed Digital Security by Design (DSbD) initiative must succeed to systematically address rising cyber risks to the nation, according to the National Cyber Security Centre’s (NCSC) CTO, Ollie Whitehouse. Whitehouse made the remarks during an event showcasing the technological advances from the ambitious program, which aims to secure the underlying computer hardware used
A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe. “This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations,” the Microsoft Threat
A 25-year-old Alabama man has pleaded guilty to charges related to the January 2024 hacking of the US Securities and Exchange Commission’s (SEC) X (formerly Twitter) account. This incident briefly caused a spike in the value of Bitcoin. Eric Council Jr., of Athens, Alabama, admitted in court to conspiring with others to gain unauthorized access
Feb 11, 2025Ravie LakshmananMobile Security / Machine Learning Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. “Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy
A newly uncovered cyber campaign has been observed exploiting Internet Information Services (IIS) vulnerabilities to distribute malware known as BadIIS. The attack, affecting several Asian countries, manipulates search engine optimization (SEO) results to redirect users to illegal gambling sites or malicious servers. Widespread Impact and Financial Motivation According to Trend Micro’s findings, the attack is financially
Feb 10, 2025Ravie LakshmananMalware / Payment Security Threat actors have been observed leveraging Google Tag Manager (GTM) to deliver credit card skimmer malware targeting Magento-based e-commerce websites. Website security company Sucuri said the code, while appearing to be a typical GTM and Google Analytics script used for website analytics and advertising purposes, contains an obfuscated
Over half (58%) of large UK financial services firms suffered at least one third-party supply chain attack in 2024, according to a study by Orange Cyberdefense. Nearly a quarter (23%) of these companies were hit three or more times by third-party attacks. The research identified significant gaps in financial services third-party risk management strategies. Close
- 1
- 2
- 3
- …
- 122
- Next Page »