admin

Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware.  The campaign, uncovered in December 2023 by Zscaler’s ThreatLabz, saw perpetrators distributing the SpyNote remote access Trojan (RAT) to Android users and NjRAT and DCRat to Windows users. These malicious URLs and files were identified on

The TA4903 group has been observed engaging in extensive spoofing of both US government agencies and private businesses across various industries. While primarily targeting organizations within the United States, TA4903 occasionally extends its reach globally through high-volume email campaigns. The overarching objective of these campaigns, as reported by Proofpoint in a new advisory published today, is

The hacking group GhostSec has seen a significant increase in its malicious activities over the past year, according to research conducted by Cisco Talos.  This surge includes the emergence of GhostLocker 2.0, a new variant of ransomware developed by the group using the Golang programming language.  GhostSec, in collaboration with the Stormous ransomware group, has

Researchers have developed a computer worm that targets generative AI (GenAI) applications to potentially spread malware and steal personal data. The new paper details the worm dubbed “Morris II,” which targets GenAI ecosystems through the use of adversarial self-replicating prompts, leading to GenAI systems delivering payloads to other agents. Once unleashed, the worm is stored

The UK Home Office has breached data protection law by using electronic tags to monitor migrants, according to the Information Commissioner’s Office (ICO). The regulator said the government department failed to sufficiently assess the privacy intrusion of the continuous collection of individuals’ location information. It noted that 24/7 access to people’s movement is likely to

Read more on Ivanti vulnerabilities: Eight government agencies from the Five Eyes countries (Australia, Canada, New Zealand, the UK, and the US) issued an urgent warning on February 29 about the active exploitation of Ivanti product vulnerabilities. Specifically, the joint advisory assessed that cyber threat actors are exploiting previously identified vulnerabilities in Ivanti Connect Secure

US President Joe Biden has warned that Chinese manufactured automobiles could be used to steal sensitive data of US citizens and critical infrastructure. The White House statement announced it will be conducting an investigation into the impact of “connected vehicles” containing technology from China on US national security. “I have directed my Secretary of Commerce

Leading drug distributor Cencora has disclosed a cybersecurity incident where data from its information systems was compromised, potentially containing personal information.  The breach was discovered on February 21 2024, according to a Securities and Exchange Commission (SEC) filing published on the same day. “Upon initial detection of the unauthorized activity, the Company immediately took containment steps

A joint Cybersecurity Advisory (CSA) issued by the Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command and international partners has raised alarms regarding Russian state-sponsored cyber actors’ exploitation of compromised Ubiquiti EdgeRouters. Identified as the Russian General Staff Main Intelligence Directorate (GRU), 85th Main Special Service Center (GTsSS), these actors, also known

Cybersecurity researchers have discovered a significant vulnerability in the LiteSpeed Cache plugin for WordPress. The vulnerability affects the LiteSpeed Cache plugin, which boasts over 4 million active installations, and presents a risk of unauthenticated site-wide stored XSS (cross-site scripting). This could potentially allow unauthorized access to sensitive information or privilege escalation on affected WordPress sites via

A recent joint advisory released by CISA in collaboration with the UK National Cyber Security Centre (NCSC) and other domestic and international partners sheds light on the evolving tactics of Russian Foreign Intelligence Service (SVR) cyber actors. Referred to by various aliases such as APT29, Midnight Blizzard, the Dukes or Cozy Bear, this group has

Almost four in five (78%) of organizations who paid a ransom demand were hit by a second ransomware attack, often by the same threat actor, according to Cybereason’s Ransomware: The Cost to Business Study 2024. Nearly two-thirds (63%) of these organizations were asked to pay more the second time. Of the 78% breached a second