News
-
"White House Launches Cybersecurity Hiring Sprint to Help Fill 500,000 Job Openings"To fill over half a million job openings in cyber, technology and AI, the White House Office of the National Cyber Director put out a new program to fill the shortfalls.
-
"3 Men Plead Guilty to Running Service That Bypasses MFA"Three men pleaded guilty in a British court to running an online criminal service called "OTPAgency," advertised to evade Multi-Factor Authentication (MFA) defenses for banks such as HSBC, Lloyds, and Monzo.
-
"DHS Seeks Maritime Port Infrastructure Information from US Port Community"The US Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has made a Request for Information (RFI) from commercial port operators in order to advance the Directorate's Maritime Port Resiliency and Security Research Testb
-
"Spyware Vendors' Nebulous Ecosystem Helps Them Evade Sanctions"A new report by the Atlantic Council's Cyber Statecraft Initiative and researchers at American University highlights that spyware vendors can evade sanctions partly because of a complex network of interrelated entities and different jurisdictions
-
"Chinese 'Tropic Trooper' APT Targets Mideast Governments""Tropic Trooper," a China-linked Advanced Persistent Threat (APT) group, is conducting an espionage campaign targeting government entities in the Middle East.
-
"New Backdoor Linked to Earth Lusca Threat Group"Researchers have discovered a new Go language-based backdoor called "KTLVdoor" that targets Windows and Linux systems and is linked to the Chinese-speaking threat actor named "Earth Lusca." Earth Lusca has been active since at least April 2019, targeti
-
"SpyAgent Android Malware Steals Your Crypto Recovery Phrases From Images""SpyAgent," a new Android malware, steals cryptocurrency wallet recovery phrases from screenshots on a mobile device using Optical Character Recognition (OCR) technology.
-
"GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware"Multiple campaigns have exploited a recently disclosed OSGeo GeoServer GeoTools security flaw to deliver cryptocurrency miners, botnet malware, and a backdoor.
-
"Veeam Patches Critical Vulnerabilities in Enterprise Products"Veeam recently announced patches for multiple vulnerabilities in its enterprise products, including critical severity bugs that could lead to remote code execution (RCE).
-
"LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks"According to security researchers at Patchstack, a vulnerability in the popular LiteSpeed Cache plugin for WordPress could allow attackers to retrieve user cookies and potentially take over websites.
-
"Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers"According to security researchers at LexisNexis Risk Solutions, as many as one in four password reset attempts from desktop browsers are fraud.
-
"Penpie DeFi Platform Files Reports With FBI, Singapore Police After $27 Million Crypto Theft"Hackers have stolen over $27 million in cryptocurrency from the Penpie Decentralized Finance (DeFi) protocol. Due to the theft, Penpie has shut down withdrawals and deposits.