News
-
"Critical Ivanti Authentication Bypass Bug Exploited in Wild"According to the Cybersecurity and Infrastructure Security Agency (CISA), a critical authentication bypass vulnerability in Ivanti Virtual Traffic Manager (vTM) has now been exploited by threat actors in the wild.
-
"US House Bill Addresses Growing Threat of Chinese Cyber Actors"The US House Homeland Security Committee Republicans have recently unveiled a new bill aimed at addressing the growing cyber threats posed by state-sponsored Chinese actors targeting US critical infrastructure.
-
"Researcher Says Healthcare Facility’s Doors Hackable for Over a Year"A security researcher recently launched a project with the goal of showing that physical access control vulnerabilities still impact many organizations.
-
"AI-Generated Malware Found in the Wild"HP intercepted an email campaign involving a standard malware payload delivered via an Artificial Intelligence (AI)-generated dropper.
-
"New Octo2 Malware Variant Threatens Mobile Banking Security"Mobile banking users worldwide are at risk from "Octo2," a new, advanced "Octo" malware variant. ThreatFabric analysts say Octo malware is one of the most widespread mobile threats in recent years.
-
"RomCom Malware Resurfaces With SnipBot Variant"The cyber espionage malware called "RomCom," which targeted the Ukraine military and its supporters last year, has returned with a new variant. It uses valid code-signing certificates to evade detection.
-
"Unpatched Vulnerabilities Expose Riello UPSs to Hacking: Security Firm"CyberDanube, an Austrian industrial cybersecurity company, says hackers can take control of Riello Uninterruptible Power Supply (UPS) devices by exploiting unpatched vulnerabilities.
-
"New PondRAT Malware Hidden in Python Packages Targets Software Developers"North Korea-linked threat actors are using poisoned Python packages to spread "PondRAT" malware as part of an ongoing campaign.
-
"Global Infostealer Malware Operation Targets Crypto Users, Gamers"An infostealer malware operation spanning 30 campaigns targeting different demographics and system platforms has been attributed to "Marko Polo," a cybercriminal group.
-
"Automatic Tank Gauges Used in Critical Infrastructure Plagued by Critical Vulnerabilities"The cybersecurity community started warning about remote hacker attacks on Automatic Tank Gauge (ATG) systems nearly a decade ago, but critical vulnerabilities remain.
-
"Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox"SentinelLabs presented research at LABScon 2024 that brought attention to the resurfacing of "Kryptina," a Ransomware-as-a-Service (RaaS) tool, in enterprise attacks.
-
"Iranian APT Operating as Initial Access Provider to Networks in the Middle East"Mandiant further explored "UNC1860," an Iranian Advanced Persistent Threat (APT) actor that serves as an initial access provider to high-profile networks in the Middle East.