Malware & Threats

CISA Issues Emergency Directive on Ivanti Zero-Days

CISA, CVE-2023-46805, CVE-2024-21887, Ivanti, Malware & Threats, Volexity, Vulnerabilities /

CISA Issues Emergency Directive on Ivanti Zero-Days 2024-01-19 at 23:31 By Ryan Naraine The US government’s cybersecurity agency CISA ramps up the pressure on organizations to mitigate two exploited Ivanti VPN vulnerabilities. The post CISA Issues Emergency Directive on Ivanti Zero-Days appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View […]

React to this headline:

Loading spinner

CISA Issues Emergency Directive on Ivanti Zero-Days Read More »

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

Iran, Malware & Threats, Microsoft, Mint Sandstorm, Nation-State /

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks 2024-01-17 at 20:31 By Ryan Naraine Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks. The post Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks Read More »

US Gov Issues Warning for Androxgh0st Malware Attacks

Androxgh0st, CISA, CVE-2017-9841, CVE-2018-15133, Incident Response, Malware & Threats /

US Gov Issues Warning for Androxgh0st Malware Attacks 2024-01-17 at 18:46 By Ionut Arghire A joint advisory from CISA and the FBI warns about Androxgh0st malware attacks ensnaring devices in a botnet. The post US Gov Issues Warning for Androxgh0st Malware Attacks appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

US Gov Issues Warning for Androxgh0st Malware Attacks Read More »

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

exploited, Featured, Ivanti, Malware & Threats, Zero-Day /

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

Information Stealer Exploits Windows SmartScreen Bypass

Malware, Malware & Threats /

Information Stealer Exploits Windows SmartScreen Bypass 2024-01-15 at 14:46 By Ionut Arghire Attackers exploit a recent Windows SmartScreen bypass vulnerability to deploy the Phemedrone information stealer. The post Information Stealer Exploits Windows SmartScreen Bypass appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this headline:

React to this headline:

Loading spinner

Information Stealer Exploits Windows SmartScreen Bypass Read More »

Cloud Server Abuse Leads to Huge Spike in Botnet Scanning

botnet, Malware & Threats /

Cloud Server Abuse Leads to Huge Spike in Botnet Scanning 2024-01-15 at 13:18 By Eduard Kovacs Netscout sees over one million IPs conducting reconnaissance scanning on the web due to increase in use of cheap or free cloud servers. The post Cloud Server Abuse Leads to Huge Spike in Botnet Scanning appeared first on SecurityWeek.

React to this headline:

Loading spinner

Cloud Server Abuse Leads to Huge Spike in Botnet Scanning Read More »

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout

China, espionage, Ivanti, Malware & Threats, Zero-Day /

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout 2024-01-12 at 13:16 By Eduard Kovacs Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release. The post Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Malware Used in Ivanti Zero-Day Attacks Shows Hackers Preparing for Patch Rollout Read More »

CISA Urges Patching of Exploited SharePoint Server Vulnerability

exploited, Malware & Threats, SharePoint /

CISA Urges Patching of Exploited SharePoint Server Vulnerability 2024-01-11 at 14:32 By Ionut Arghire CISA has added a critical Microsoft SharePoint Server flaw (CVE-2023-29357) to its Known Exploited Vulnerabilities catalog. The post CISA Urges Patching of Exploited SharePoint Server Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

CISA Urges Patching of Exploited SharePoint Server Vulnerability Read More »

Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report

Malware & Threats, Stuxnet /

Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report 2024-01-10 at 14:17 By Eduard Kovacs An engineer recruited by intelligence services used a water pump to deliver Stuxnet, which reportedly cost $1-2 billion to develop. The post Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian

React to this headline:

Loading spinner

Dutch Engineer Used Water Pump to Get Billion-Dollar Stuxnet Malware Into Iranian Nuclear Facility: Report Read More »

Adobe Patches Code Execution Flaws in Substance 3D Stager

Adobe, Malware & Threats, memory corruption, Patch Tuesday, Substance 3D Stager, Vulnerabilities /

Adobe Patches Code Execution Flaws in Substance 3D Stager 2024-01-09 at 20:02 By Ryan Naraine Patch Tuesday: Adobe patches six security flaws in the Substance 3D Stager product and warned of code execution risks on Windows and macOS. The post Adobe Patches Code Execution Flaws in Substance 3D Stager appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Adobe Patches Code Execution Flaws in Substance 3D Stager Read More »

Turkish Hackers Target Microsoft SQL Servers in Americas, Europe

Malware & Threats, Ransomware, Uncategorized /

Turkish Hackers Target Microsoft SQL Servers in Americas, Europe 2024-01-09 at 18:32 By Ionut Arghire Researchers at Securonix warn that Turkish threat actors are targeting organizations in the Americas and Europe with ransomware campaigns. The post Turkish Hackers Target Microsoft SQL Servers in Americas, Europe appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Turkish Hackers Target Microsoft SQL Servers in Americas, Europe Read More »

New ‘SpectralBlur’ macOS Backdoor Linked to North Korea

Mac malware, Malware & Threats, North Korea /

New ‘SpectralBlur’ macOS Backdoor Linked to North Korea 2024-01-05 at 15:45 By Ionut Arghire SpectralBlur is a new macOS backdoor that shows similarities with North Korean hacking group’s KandyKorn malware. The post New ‘SpectralBlur’ macOS Backdoor Linked to North Korea appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

New ‘SpectralBlur’ macOS Backdoor Linked to North Korea Read More »

Several Infostealers Using Persistent Cookies to Hijack Google Accounts

Malware, Malware & Threats /

Several Infostealers Using Persistent Cookies to Hijack Google Accounts 2024-01-03 at 17:46 By Ionut Arghire A vulnerability in Google’s authentication process allows malware to restore cookies and hijack user sessions. The post Several Infostealers Using Persistent Cookies to Hijack Google Accounts appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Several Infostealers Using Persistent Cookies to Hijack Google Accounts Read More »

21 New Mac Malware Families Emerged in 2023

Mac malware, Malware, Malware & Threats /

21 New Mac Malware Families Emerged in 2023 2024-01-03 at 14:46 By Eduard Kovacs A total of 21 new malware families targeting macOS systems were discovered in 2023, a 50% increase compared to 2022.  The post 21 New Mac Malware Families Emerged in 2023 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

21 New Mac Malware Families Emerged in 2023 Read More »

In Other News: Ubisoft Hack, NASA Security Guidance, TikTok Requests iPhone Passcode

Data Breaches, In Other News, Malware & Threats /

In Other News: Ubisoft Hack, NASA Security Guidance, TikTok Requests iPhone Passcode 2023-12-29 at 16:01 By SecurityWeek News Noteworthy stories that might have slipped under the radar: Ubisoft investigating alleged hack, NASA releases security guidance, TikTok scares iPhone users.  The post In Other News: Ubisoft Hack, NASA Security Guidance, TikTok Requests iPhone Passcode appeared first

React to this headline:

Loading spinner

In Other News: Ubisoft Hack, NASA Security Guidance, TikTok Requests iPhone Passcode Read More »

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ

Barracuda, China, Malware & Threats, Zero-Day /

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ 2023-12-28 at 13:01 By Eduard Kovacs The new Barracuda ESG zero-day CVE-2023-7102 has been used by Chinese hackers to target organizations in the US and APJ region. The post Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ appeared first on SecurityWeek.

React to this headline:

Loading spinner

Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ Read More »

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day

Barracuda, email security, Featured, Malware & Threats, Zero-Day /

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 2023-12-27 at 13:16 By Eduard Kovacs Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. The post Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day Read More »

Chameleon Android Malware Can Bypass Biometric Security

Android, Malware & Threats, Mobile & Wireless /

Chameleon Android Malware Can Bypass Biometric Security 2023-12-22 at 20:02 By Ionut Arghire A variant of the Chameleon Android banking trojan features new bypass capabilities and has expanded its targeting area. The post Chameleon Android Malware Can Bypass Biometric Security appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Chameleon Android Malware Can Bypass Biometric Security Read More »

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild

botnet, CISA, exploited, Malware & Threats, Mirai /

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild 22/12/2023 at 14:46 By Eduard Kovacs CISA released ICS advisories for FXC router and QNAP NRV flaws and added them to its known exploited vulnerabilities catalog.  The post CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild appeared first on

React to this headline:

Loading spinner

CISA Warns of FXC Router, QNAP NVR Vulnerabilities Exploited in the Wild Read More »

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains

Malware & Threats, NSA /

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains 20/12/2023 at 18:32 By Ionut Arghire The National Security Agency has published a new yearly report detailing its cybersecurity efforts throughout 2023. The post NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

NSA Blocked 10 Billion Connections to Malicious and Suspicious Domains Read More »

Scroll to Top