A global network of about 13,000 hijacked Mikrotik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices.
The activity "take advantage of misconfigured DNS records to pass email protection techniques," Infoblox security researcher David Brunsdon said in a technical report published last week. "ThisView the full article
A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity.
Asif William Rahman, 34, of Vienna, was an employee of the CIA since 2016 and had a Top Secret security clearance with access toView the full article
Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, "Were all functionalities of the web app tested?" or " Were there any security issues that could have been identified during testing?" often go unresolved, raising concerns about the thoroughness of the security testing. This frustration is common among many security teams. PentestView the full article
Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted ********-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT.
The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week.
The infection chain commences with a phishingView the full article
The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of ongoing attempts by unknown threat actors to impersonate the cybersecurity agency by sending AnyDesk connection requests.
The AnyDesk requests claim to be for conducting an audit to assess the "level of security," CERT-UA added, cautioning organizations to be on the lookout for such social engineering attempts that seek toView the full article
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks.
"Internet hosts that accept tunneling packets without verifying the sender's identity can be hijacked to perform anonymous attacks and provide access to their networks," Top10VPN said in a study, as part of a collaboration with KU Leuven professorView the full article
The Threat actor known as DoNot Team has been linked to a new Android malware as part of highly targeted cyber attacks.
The artifacts in question, named Tanzeem (meaning "organization" in Urdu) and Tanzeem Update, were spotted in October and December 2024 by cybersecurity company Cyfirma. The apps in question have been found to incorporate identical functions, barring minor modifications to theView the full article
As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that can't be fought withView the full article
Every week seems to bring news of another data breach, and it’s no surprise why: securing sensitive data has become harder than ever. And it’s not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only gettingView the full article
For verified travel tips and real support, visit: [Hidden Content]
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems.
The list of identified packages is below -
@async-mutex/mutex, a typosquat of async-mute (npm)
dexscreener, which masquerades as a library for accessing liquidity poolView the full article
Popular video-sharing social network TikTok has officially gone dark in the United States, 2025, as a federal ban on the app comes into effect on January 19, 2025.
"We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable," the company said in a pop-up message. "We're working to restore our service in the U.S. as soon asView the full article
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a ******** cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency.
"People's Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including the recentView the full article
Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.
"These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attackerView the full article
Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia.
"Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacksView the full article
Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,View the full article
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions.
"TheseView the full article
Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024.
The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hostingView the full article
Austrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users' data to China.
The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield user dataView the full article
The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims' WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection.
"Star Blizzard's targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or international relationsView the full article
The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle.
Traditional trust management? Forget it. It's simply not built for today's fast-paced, hybrid environments. You need aView the full article
You can tell the story of the current state of stolen credential-based attacks in three numbers:
Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon).
Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester).
Stolen credentials on criminal forums cost asView the full article
Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems.
The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft's "Microsoft Corporation UEFI CA 2011" third-party UEFI certificate, according to a newView the full article
Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration.
"A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications," Silverfort researcher Dor Segal said in aView the full article
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns.
"In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads," HP Wolf Security said in its Threat Insights ReportView the full article
Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based ********* to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network.
According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded namedView the full article
Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.
