Feb 13, 2024NewsroomCryptocurrency / Rootkit The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. “This bootkit can intervene and control the [operating system] boot process, enabling Glupteba to hide itself and create a stealthy persistence that
admin
Cybersecurity firm Proofpoint has observed a new malicious campaign targeting dozens of Microsoft Azure environments. Threat actors have targeted hundreds of individuals with multiple operational and executive roles across different organizations. These include sales directors, account managers, finance managers, vice presidents, presidents, chief financial officers, and CEOs. The campaign started in November 2023 and is
Feb 12, 2024NewsroomVulnerability / Data Recovery Cybersecurity researchers have uncovered an “implementation vulnerability” that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). “Through a comprehensive analysis
Raspberry Robin, a malware initially identified in 2021, has demonstrated remarkable adaptability and sophistication in its recent operations, according to a new report. The findings come from Check Point researchers, who published a new analysis on Wednesday revealing unique and innovative methods employed by the malware, including exploiting vulnerabilities to gain higher privileges. According to
Video, Ransomware Called a “watershed year for ransomware”, 2023 marked a reversal from the decline in ransomware payments observed in the previous year 09 Feb 2024 Ransomware payments in 2023 reached a record-breaking $1.1 billion in 2023, according to an analysis by Chainalysis, a blockchain research firm. Calling 2023 a “watershed year for ransomware”, Chainalysis
Feb 11, 2024NewsroomMalware / Cybercrime The U.S. Justice Department (DoJ) on Friday announced the seizure of online infrastructure that was used to sell a remote access trojan (RAT) called Warzone RAT. The domains – www.warzone[.]ws and three others – were “used to sell computer malware used by cybercriminals to secretly access and steal data from
February 2024 marks 20 years of Facebook’s existence. Despite the brand being well established worldwide and in our day to day lives, only 6% of people trust it and other social media companies with their personal data. In a survey of 12,000 people across the globe, the Thales 2024 Digital Trust Index found that trust in social media
Feb 10, 2024NewsroommacOS Malware / Cyber Threat Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures. The exact initial
The US Federal Communications Commission (FCC) has introduced a ban on robocalls that contain voices generated by AI to protect US voters from spamming ahead of the November presidential election. Callers must obtain prior express consent from the called party before making a call that utilizes artificial or pre-recorded voice simulated or generated through AI
Business Security Heavy workloads and the specter of personal liability for incidents take a toll on security leaders, so much so that many of them look for the exits. What does this mean for corporate cyber-defenses? Phil Muncaster 08 Feb 2024 • , 5 min. read Cybersecurity is finally becoming a board-level issue. That’s as
Feb 09, 2024NewsroomMobile Security / Cyber Threat Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. “Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution,” McAfee Labs said
The personal information of 33 million French citizens could be exposed after two French health insurance operators suffered a data breach in early February. Viamedis, France’s leading provider of medical third-party payment, confirmed on February 1 that it had suffered a data breach. Medical third-party payment is a French system in which a health insurance
The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. “Volt Typhoon’s choice of
Meta will start labeling AI-generated images posted on its Facebook and Instagram platforms before the 2024 US presidential election. Nick Clegg, the social media giant’s president of global affairs, announced in a February 6 blog post that images generated by AI tools and published on Facebook, Instagram and Threads will appear with an AI label
Scams With Valentine’s Day almost upon us, here’s some timely advice on how to prevent scammers from stealing more than your heart Imogen Byers 05 Feb 2024 • , 7 min. read Online dating has revolutionized how people connect and find love. Now, any of us can flick through an online catalog of potential love
Feb 07, 2024NewsroomDevice Security / Vulnerability The maintainers of shim have released version 15.8 to address six security flaws, including a critical bug that could pave the way for remote code execution under specific circumstances. Tracked as CVE-2023-40547 (CVSS score: 9.8), the vulnerability could be exploited to achieve a Secure Boot bypass. Bill Demirkapi of
Malware-as-a-Service (MaaS) infections were the biggest threat to organizations in the second half of 2023, according to a new Darktrace report. The 2023 End of Year Threat Report highlighted the cross-functional adaption of many of the malware strains. This includes malware loaders like remote access trojans (RATs) being combined with information-stealing malware. Through reverse engineering
Feb 06, 2024NewsroomSocial Engineering / Malvertising Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer. “This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors,” Trustwave SpiderLabs said
The US has slammed Iran for “destabilizing and potentially escalatory” cyber-attacks on critical infrastructure. The remarks were made in a statement that announced sanctions against six Iranians for last year’s cyber-attack against Unitronics, an Israeli manufacturer of programmable logic controllers used in the water sector and other critical infrastructure organizations. The Department of the Treasury’s
Feb 05, 2024The Hacker NewsData Protection / Threat Intelligence A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they
Cloudflare has revealed its systems were compromised on Thanksgiving last year, leading to source code being accessed by threat actors. The IT service provider believes the attack, which took place on November 23, 2023, was perpetrated by a nation-state actor, who used credentials stolen during a breach of identity and access management (IAM) specialist Okta.
ESET researchers have identified twelve Android espionage apps that share the same malicious code: six were available on Google Play, and six were found on VirusTotal. All the observed applications were advertised as messaging tools apart from one that posed as a news app. In the background, these apps covertly execute remote access trojan (RAT)
Feb 03, 2024NewsroomVulnerability / Social Media The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account. “Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account,” the maintainers said in a terse advisory. The vulnerability, tracked
Romance scam victims surged by more than a fifth (22%) in 2023, compared to 2022, according to new figures from Lloyds Bank. The average amount lost per incident was £6937 ($8847) last year. This was lower than in 2022, when the average loss was £8237 ($10,505). Romance scams have exploded in prominence in recent years,
Video The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows 02 Feb 2024 This week, law enforcement in Brazil took action to disrupt the Grandoreiro banking malware in a joint effort that was also supported by the ESET
Feb 03, 2024NewsroomIntelligence Agency / Cyber Security The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries. The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and
Wizz, a growing social media app among US teenagers, was removed from the Apple App Store and the Google Play Store on January 30. Apple and Google had been contacted by the National Center on Sexual Exploitation, a US conservative anti-pornography organization, who thanked the two giants on X “for booting the Wizz app from
ESET Research An AI chatbot inadvertently kindles a cybercrime boom, ransomware bandits plunder organizations without deploying ransomware, and a new botnet enslaves Android TV boxes ESET Research 31 Jan 2024 • , 2 min. read In this episode of the ESET Research Podcast, we dissect the most interesting findings of the ESET Threat Report H2
Feb 02, 2024NewsroomCryptojacking / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The agency attributed the campaign to a threat actor it calls UAC-0027. DirtyMoe, active since at least 2016, is capable of carrying
Security researchers have recently unearthed a supply-chain vulnerability within Bazel, one of Google’s flagship open-source products. The flaw centered around a command injection vulnerability in a dependent GitHub Actions workflow, potentially allowing malicious actors to insert harmful code into Bazel’s codebase. According to Cycode researchers, the gravity of this situation means it could affect millions of projects
- « Previous Page
- 1
- …
- 22
- 23
- 24
- 25
- 26
- …
- 116
- Next Page »