admin

Cybersecurity researchers have discovered “Bootkitty,” possibly the first UEFI bootkit specifically designed to target Linux systems. This marks a significant shift in theUEFI threat landscape, which previously focused exclusively on Windows-based attacks. The bootkit, named by its creators, was uploaded to VirusTotal in November 2024 and is believed to be a proof of concept rather

A widespread distributed denial-of-service (DDoS) campaign leveraging accessible tools and targeting IoT devices and enterprise servers has been uncovered by security researchers. Orchestrated by a threat actor known as Matrix, the operation highlights how minimal technical knowledge combined with public scripts can enable global scale cyber-attacks. Matrix’s attack framework, analyzed in detail by Aqua Nautilus,

A network of four public relations (PR) firms has been operating pro-China influence operations online since at least 2022, according to Google. In a report published on November 22, Google’s Threat Intelligence Group revealed it has removed hundreds of domains from its search and news indexes. These domains were part of a complex ecosystem of

Consumers have been warned that 77% of Black Friday-themed spam emails in 2024 have been identified as scams, with the remainder marketing lures, according to new figures from Bitdefender. This represents a 7% rise in the proportion of spam emails identified as scams compared to Black Friday 2023, and a 21% increase compared to 2022.

A Russian-aligned hacking group is conducting a cyber espionage campaign across Europe and Asia, according to Recorded Future. Insikt Group, Recorded Future’s threat intelligence team, has shared in a November 21 report that a group it tracks as TAG-110 has been using custom malware to compromise government entities, human rights groups and educational institutions. The

Microsoft has seized 240 fraudulent websites associated with “do-it-yourself” phishing kits used by cybercriminals globally to break into customer accounts. The action was enabled by a civil court order in the Eastern District of Virginia which allowed the malicious technical infrastructure to be directed to Microsoft. This permanently stops the use of these domains in

US and Australian government agencies have urged critical infrastructure organizations to protect against new tactics employed by the BianLian ransomware group. These updated tactics, techniques and procedures (TTPs) include shifting exclusively to exfiltration-based extortion and leveraging new approaches for initial access, command and control, and defense evasion. The joint advisory from the FBI, Cybersecurity and

Cyber intrusions affecting telecom providers previously attributed to the Chinese hacking group LightBasin (UNC1945) are now believed to come from another Chinese-sponsored group, according to CrowdStrike. In a November 19 testimony in front of the US Senate Judiciary Subcommittee on Privacy, Technology, and the Law, Adam Meyers, CrowdStrike Senior Vice President of Counter Adversary Operations,

Palo Alto Networks has released a security patch to fix a critical vulnerability in instances of its firewall management interfaces. The security vendor disclosed the flaw on November 8 and later confirmed evidence of in-the-wild exploitation. It was initially tracked by Palo Alto as PAN-SA-2024-0015. It has now been allocated a common vulnerabilities and exposures

A new phishing campaign is luring victims with a fake story about an attempt on President-elect Donald Trump’s life. While there have been real assassination attempts against Trump, this one is fake news. The story, which implies it is from the New York Times (NYT), describes Trump in a critical condition after being shot by

Attack surface management provider watchTowr claims to have found a new zero-day vulnerability in cybersecurity provider Fortinet’s products. This flaw would allow a managed FortiGate device to elevate privileges and seize control of the FortiManager instance. This new vulnerability is similar to a previous flaw discovered in October, CVE-2024-47575, also known as “FortiJump.” Researchers at watchTowr

The hacker behind one of the largest cryptocurrency heists in history will spend five years in a US prison. US resident Ilya Lichtenstein, 35, was sentenced on November 14 to five years in jail after he hacked into Bitfinex, one of the largest cryptocurrency exchange platforms, in 2016. Lichtenstein stole 120,000 bitcoins and started laundering the

An unauthenticated remote command execution (RCE) vulnerability against Palo Alto Networks’ internet-exposed firewall management interfaces is actively being exploited, according to the cybersecurity provider. On November 8, Palo Alto published a security advisory to warn of a zero-day vulnerability affecting some of its PAN-OS firewall management interfaces. The flaw is an unauthenticated RCE vulnerability affecting

China-affiliated hackers have compromised US officials’ data through a large-scale hack on telecommunications providers, according to the US government. The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) published a joint advisory on November 13 in which they shared more details on what they called “a broad and significant cyber espionage campaign.” They

A threat actor who posted 2.8 million lines of Amazon employee data last week has taken to the dark web to claim they are doing so to raise awareness of poor security practice. The individual, who goes by the online moniker “Nam3L3ss,” claimed in a series of posts to have obtained data from 25 organizations