News
-
"Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks"The Gootloader Group is using GootBot, a new destructive post-compromise tool that spreads bots throughout enterprise environments following infiltration.
-
"Ransomware Gang Leaks Data Allegedly Stolen From Canadian Hospitals"Five Canadian hospitals have recently confirmed that patient and employee data that was stolen in a ransomware attack has been leaked online.
-
"37 Vulnerabilities Patched in Android With November 2023 Security Updates"Google recently announced patches for 37 vulnerabilities as part of the November 2023 Android security updates, with additional fixes released for Pixel devices.
-
"Cryptographers Solve Decades-Old Privacy Problem"Three researchers have discovered a long-sought way for secretly retrieving information from large databases, bringing us closer to fully private Internet searches.
-
"The Smart Home Tech Inside Your Home Is Less Secure Than You Think, New Northeastern Research Finds"New research by David Choffnes, an associate professor of computer science at Northeastern University, and a team of others explores the privacy and security flaws of smart home devices, also known as the Internet of Things (IoT).
-
"Attackers Use Google Calendar RAT to Abuse Calendar Service as C2 Infrastructure"Google warns of a public Proof-of-Concept (PoC) exploit called Google Calendar RAT (GCR) that uses the Calendar service to host Command-and-Control (C2) infrastructure.
-
"EleKtra-Leak Campaign Uses AWS Cloud Keys Found on Public GitHub Repositories to Run Cryptomining Operation"Palo Alto Networks' Unit 42 has revealed an active attack campaign in which a threat actor searches GitHub repositories in real-time for Amazon Identity and Access Management (IAM) credentials and begins using them less than five minutes later.
-
"New Survey From Akamai Shows Increasing Benefits of Network Segmentation"A new Akamai Technologies report titled "The State of Segmentation 2023" highlights the growing number of ransomware attacks and the need for microsegmentation to recover from them.
-
"Most Cloud Moves Found Rushed as Adopters Underrate Associated Risks"According to a new study on cloud-native security, many cloud adopters do not understand the security risks of moving legacy applications to the cloud, leaving them vulnerable to various cloud-based attacks.
-
"US Sanctions Russian Accused of Laundering Ryuk Ransomware Funds"The US government has sanctioned a Russian national for allegedly laundering millions of dollars in victim ransom payments on behalf of people associated with the Ryuk ransomware group.
-
"Exploited 'Looney Tunables' Linux Privileged Escalation Bug Linked To Kinsing Threat Actor"Aqua Nautilus researchers reported the first instance of an exploit attack on the "Looney Tunables" Linux privileged escalation vulnerability.
-
"Socks5Systemz Proxy Service Infects 10,000 Systems Worldwide"Socks5Systemz, a proxy botnet, has infected about 10,000 systems through the PrivateLoader and Amadey malware loaders. Infected computers become traffic-forwarding proxies for malicious, illegal, or anonymous traffic.