Magecart Web Skimmer Hides in 404 Error Pages 10/10/2023 at 15:37 By Ionut Arghire A newly identified Magecart web skimming campaign is tampering with ‘404’ error pages to hide malicious code. The post Magecart Web Skimmer Hides in 404 Error Pages appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View […]
React to this headline:
Magecart Web Skimmer Hides in 404 Error Pages Read More »
Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites 09/10/2023 at 19:16 By Eduard Kovacs Recently patched TagDiv Composer plugin vulnerability exploited to hack thousands of WordPress sites as part of the Balada Injector campaign. The post Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites appeared first on
React to this headline:
Recently Patched TagDiv Plugin Flaw Exploited to Hack Thousands of WordPress Sites Read More »
Credential Harvesting Campaign Targets Unpatched NetScaler Instances 09/10/2023 at 17:47 By Ionut Arghire Threat actors are targeting Citrix NetScaler instances unpatched against CVE-2023-3519 to steal user credentials. The post Credential Harvesting Campaign Targets Unpatched NetScaler Instances appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this
React to this headline:
Credential Harvesting Campaign Targets Unpatched NetScaler Instances Read More »
Android Devices With Backdoored Firmware Found in US Schools 06/10/2023 at 18:03 By Ionut Arghire A global cybercriminal operation called BadBox has infected the firmware of more than 70,000 Android smartphones, CTV boxes, and tablets with the Triada malware. The post Android Devices With Backdoored Firmware Found in US Schools appeared first on SecurityWeek. This
React to this headline:
Android Devices With Backdoored Firmware Found in US Schools Read More »
Qakbot Hackers Continue to Push Malware After Takedown Attempt 05/10/2023 at 15:31 By Eduard Kovacs Qakbot cybercriminals continue to push malware, which shows they are still operational after the recent takedown attempt. The post Qakbot Hackers Continue to Push Malware After Takedown Attempt appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Qakbot Hackers Continue to Push Malware After Takedown Attempt Read More »
Hundreds Download Malicious NPM Package Capable of Delivering Rootkit 05/10/2023 at 14:01 By Ionut Arghire Threat actor uses typosquatting to trick hundreds of users into downloading a malicious NPM package that delivers the r77 rootkit. The post Hundreds Download Malicious NPM Package Capable of Delivering Rootkit appeared first on SecurityWeek. This article is an excerpt
React to this headline:
Hundreds Download Malicious NPM Package Capable of Delivering Rootkit Read More »
Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day 04/10/2023 at 22:16 By Ryan Naraine Apple’s cat-and-mouse struggles with zero-day exploits on its flagship iOS platform is showing no signs of slowing down. The post Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day Read More »
Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day 04/10/2023 at 20:16 By Ryan Naraine Atlassian confirms that “a handful of customers” were hit by exploits targeting a remotely exploitable flaw in its Confluence Data Center and Server products. The post Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day appeared first on SecurityWeek. This article is
React to this headline:
Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day Read More »
Dozens of Malicious NPM Packages Steal User, System Data 03/10/2023 at 15:48 By Ionut Arghire Fortinet warns of multiple malicious NPM packages that include install scripts designed to steal sensitive information. The post Dozens of Malicious NPM Packages Steal User, System Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
React to this headline:
Dozens of Malicious NPM Packages Steal User, System Data Read More »
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware 27/09/2023 at 21:02 By Ryan Naraine The NSA and FBI warn that a Chinese state-sponsored APT called BlackTech is hacking into network edge devices and using firmware implants to silently hop around the corporate networks of U.S. and Japanese companies. The post Chinese Gov Hackers Caught
React to this headline:
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware Read More »
UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor 26/09/2023 at 17:16 By Ionut Arghire UAE-linked APT group Stealth Falcon has used the new Deadglyph backdoor in an attack targeting a governmental entity in the Middle East. The post UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor appeared first on SecurityWeek. This
React to this headline:
UAE-Linked APT Targets Middle East Government With New ‘Deadglyph’ Backdoor Read More »
Xenomorph Android Banking Trojan Targeting Users in US, Canada 26/09/2023 at 14:46 By Ionut Arghire The Xenomorph Android banking trojan can now mimic financial institutions in the US and Canada and is also targeting crypto wallets. The post Xenomorph Android Banking Trojan Targeting Users in US, Canada appeared first on SecurityWeek. This article is an
React to this headline:
Xenomorph Android Banking Trojan Targeting Users in US, Canada Read More »
Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices 19/09/2023 at 15:47 By Ionut Arghire New versions of Pakistan-linked APT Transparent Tribe’s CapraRAT Android trojan mimic the appearance of YouTube. The post Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
React to this headline:
Pakistani APT Uses YouTube-Mimicking RAT to Spy on Android Devices Read More »
CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks 19/09/2023 at 13:32 By Eduard Kovacs CISA says Owl Labs video conferencing device vulnerabilities that require the attacker to be in close range exploited in attacks The post CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks appeared first on
React to this headline:
CISA Says Owl Labs Vulnerabilities Requiring Close Physical Range Exploited in Attacks Read More »
macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses 13/09/2023 at 16:47 By Ionut Arghire The MetaStealer macOS information stealer has been targeting businesses to exfiltrate keychain and other valuable information. The post macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this
React to this headline:
macOS Info-Stealer Malware ‘MetaStealer’ Targeting Businesses Read More »
After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery 13/09/2023 at 12:16 By Eduard Kovacs After Apple and Google, Mozilla has also patched an image processing-related zero-day vulnerability exploited by spyware. The post After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery appeared first on SecurityWeek. This article is
React to this headline:
After Apple and Google, Mozilla Also Patches Zero-Day Exploited for Spyware Delivery Read More »
Zero Day Summer: Microsoft Warns of Fresh New Software Exploits 12/09/2023 at 22:16 By Ryan Naraine Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek. This
React to this headline:
Zero Day Summer: Microsoft Warns of Fresh New Software Exploits Read More »
Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks 08/09/2023 at 17:31 By Ionut Arghire Cisco is warning of a zero-day vulnerability in Cisco ASA and FTD that can be exploited remotely, without authentication, in brute force attacks. The post Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks appeared first on SecurityWeek. This article is an
React to this headline:
Cisco ASA Zero-Day Exploited in Akira Ransomware Attacks Read More »
US, UK Sanction More Members of Trickbot Russian Cybercrime Group 08/09/2023 at 13:33 By Eduard Kovacs The US and UK have announced sanctions against 11 more alleged members of the Russian cybercrime group Trickbot. The post US, UK Sanction More Members of Trickbot Russian Cybercrime Group appeared first on SecurityWeek. This article is an excerpt
React to this headline:
US, UK Sanction More Members of Trickbot Russian Cybercrime Group Read More »
US Aeronautical Organization Hacked via Zoho, Fortinet Vulnerabilities 08/09/2023 at 13:33 By Ionut Arghire APTs exploited vulnerabilities in Zoho ManageEngine and Fortinet VPNs to hack an aerospace organization in early January 2023. The post US Aeronautical Organization Hacked via Zoho, Fortinet Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
React to this headline:
US Aeronautical Organization Hacked via Zoho, Fortinet Vulnerabilities Read More »