News
-
"Highly Evasive SquidLoader Malware Targets China"A malware loader called "SquidLoader" is linked to an unknown threat actor that has targeted Chinese-speaking victims for two years, LevelBlue Labs reports. -
"French Diplomatic Entities Targeted by Russian-Aligned Nobelium"The French cybersecurity agency ANSSI reports that the Russian-aligned threat actor "Nobelium" has targeted French diplomatic entities and public organizations since 2021. -
"LockBit Most Prominent Ransomware Actor in May 2024"According to security researchers at the NCC Group, the notorious LockBit group has reemerged to become the most prominent ransomware actor in May 2024. -
"New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration""Fickle Stealer," a new Rust-based information stealer malware, is delivered via multiple attack chains to steal sensitive data from compromised hosts. -
"Hundreds of PC, Server Models Possibly Affected by Serious Phoenix UEFI Vulnerability"Phoenix Technologies' SecureCore UEFI firmware solution has a high-severity vulnerability that could affect hundreds of PC and server models using Intel processors. -
"Two Men Plead Guilty to Hacking Law Enforcement Database for Doxing"Two men from New York and Rhode Island have recently pleaded guilty to hacking into a database maintained by a US federal law enforcement agency and using stolen personal information to extort people. -
"X-Force Discovers New Vulnerabilities in Smart Treadmill"Due to the many features of Internet-connected gym machines, IBM X-Force Red researchers decided to explore their user data security and whether there was any risk to users' physical safety. -
"UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying"The cyber espionage actor "UNC3866," linked to the zero-day exploitation of Fortinet, Ivanti, and VMware security flaws, uses multiple persistence mechanisms to maintain access to compromised environments. -
"Researchers Exploit Kraken Exchange Bug, Steal $3 Million in Crypto"The cryptocurrency exchange Kraken has revealed that alleged security researchers stole $3 million in cryptocurrency using a zero-day website bug. -
"Critical VMware Bugs Open Swaths of VMs to RCE, Data Theft"Broadcom has addressed three VMware vCenter vulnerabilities, two of which are critical and enable Remote Code Execution (RCE). Hackers continue to target Virtual Machines (VMs) due to their rich repositories of sensitive data and applications. -
"CIISec Urges Employers to Target Young Talent in Gaming Centers"New guidance from the Chartered Institute of Information Security (CIISec) advises employers to reach candidates outside traditional channels. -
"AMD Investigating Breach Claims After Hacker Offers to Sell Data"AMD has launched an investigation after a well-known hacker announced the sale of sensitive data that allegedly belonged to the company.