Malware & Threats

Researchers Show How Malware Could Steal Windows Recall Data

Malware, Malware & Threats, Windows Recall /

Researchers Show How Malware Could Steal Windows Recall Data 2024-06-05 at 16:31 By Eduard Kovacs Cybersecurity researchers are demonstrating how malware could steal data collected by the new Windows Recall feature. The post Researchers Show How Malware Could Steal Windows Recall Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Loading spinner

Researchers Show How Malware Could Steal Windows Recall Data Read More »

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability

CISA KEV, exploited, Malware & Threats, Oracle WebLogic /

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability 2024-06-04 at 15:46 By Eduard Kovacs CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog. The post CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability Read More »

Identities of Cybercriminals Linked to Malware Loaders Revealed

cybercrime, Malware & Threats, Tracking & Law Enforcement /

Identities of Cybercriminals Linked to Malware Loaders Revealed 2024-06-03 at 16:46 By Ionut Arghire Law enforcement reveals the identities of eight cybercriminals linked to recently disrupted malware loaders. The post Identities of Cybercriminals Linked to Malware Loaders Revealed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Identities of Cybercriminals Linked to Malware Loaders Revealed Read More »

PoC Published for Exploited Check Point VPN Vulnerability

Check Point, exploited, Malware & Threats, VPN /

PoC Published for Exploited Check Point VPN Vulnerability 2024-06-03 at 15:46 By Ionut Arghire PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

PoC Published for Exploited Check Point VPN Vulnerability Read More »

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers

botnet, bricked, Malware & Threats, router /

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers 2024-05-31 at 14:46 By Ionut Arghire Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable. The post Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Mysterious Threat Actor Used Chalubo Malware to Brick 600,000 Routers Read More »

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors

CVE-2023-40000, CVE-2023-6961, CVE-2024-2194, Fastly, Malware & Threats, Vulnerabilities, WordPress /

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors 2024-05-30 at 18:17 By Ionut Arghire Malicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites. The post Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Critical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and Backdoors Read More »

TrickBot and Other Malware Droppers Disrupted by Law Enforcement

dropper, Malware, Malware & Threats, takedown, Tracking & Law Enforcement, Trickbot /

TrickBot and Other Malware Droppers Disrupted by Law Enforcement 2024-05-30 at 15:32 By Ionut Arghire The TrickBot botnet and other malware droppers have been targeted by international law enforcement in Operation Endgame. The post TrickBot and Other Malware Droppers Disrupted by Law Enforcement appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

TrickBot and Other Malware Droppers Disrupted by Law Enforcement Read More »

Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested

botnet, dismantled, Featured, Malware & Threats, takedown, Tracking & Law Enforcement /

Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested 2024-05-30 at 15:01 By Eduard Kovacs The US announced that the 911 S5 (Cloud Router) botnet, likely the world’s largest, has been dismantled and its administrator arrested. The post Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Massive 911 S5 Botnet Dismantled, Chinese Mastermind Arrested Read More »

Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication

credential stuffing, Malware & Threats, Okta /

Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication 2024-05-30 at 15:01 By Ionut Arghire Okta raises the alarm on credential stuffing attacks targeting endpoints used for cross-origin authentication. The post Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication Read More »

Check Point VPN Attacks Involve Zero-Day Exploited Since April

Check Point, exploited, Featured, Malware & Threats, VPN, vulnerability, Zero-Day /

Check Point VPN Attacks Involve Zero-Day Exploited Since April 2024-05-30 at 12:46 By Eduard Kovacs The recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords. The post Check Point VPN Attacks Involve Zero-Day Exploited Since April appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

Check Point VPN Attacks Involve Zero-Day Exploited Since April Read More »

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor

CVE-2024-4978, ICS/OT, JAVS, Malware & Threats, Rapid7, Vulnerabilities /

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor 2024-05-24 at 16:31 By Ionut Arghire Backdoored JAVS courtroom recording and management software installer puts thousands at risk of complete takeover. The post JAVS Courtroom Audio-Visual Software Installer Serves Backdoor appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

JAVS Courtroom Audio-Visual Software Installer Serves Backdoor Read More »

Microsoft Quick Assist Tool Abused for Ransomware Delivery

Black Basta, Featured, Malware & Threats, Ransomware /

Microsoft Quick Assist Tool Abused for Ransomware Delivery 2024-05-17 at 14:46 By Ionut Arghire The Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment. The post Microsoft Quick Assist Tool Abused for Ransomware Delivery appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

Microsoft Quick Assist Tool Abused for Ransomware Delivery Read More »

New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data

Android trojan, Malware, Malware & Threats /

New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data 2024-05-17 at 14:46 By Ionut Arghire The Antidot Android banking trojan snoops on users and steals their credentials, contacts, and SMS messages. The post New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

New ‘Antidot’ Android Trojan Allows Cybercriminals to Hack Devices, Steal Data Read More »

Threat Actors Abuse GitHub to Distribute Multiple Information Stealers

AMOS, Fraud & Identity Theft, macOS, Malware & Threats, Recorded Future, Russia /

Threat Actors Abuse GitHub to Distribute Multiple Information Stealers 2024-05-15 at 18:31 By Ionut Arghire Russian-speaking threat actors are caught abusing a GitHub profile to distribute information stealers posing as legitimate software. The post Threat Actors Abuse GitHub to Distribute Multiple Information Stealers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Threat Actors Abuse GitHub to Distribute Multiple Information Stealers Read More »

400,000 Linux Servers Hit by Ebury Botnet 

botnet, Linux malware, Malware, Malware & Threats /

400,000 Linux Servers Hit by Ebury Botnet  2024-05-15 at 15:01 By Ionut Arghire The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected. The post 400,000 Linux Servers Hit by Ebury Botnet  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Loading spinner

400,000 Linux Servers Hit by Ebury Botnet  Read More »

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities

CVE-2024-30040, CVE-2024-30044, CVE-2024-30051, Featured, Malware & Threats, Microsoft, Patch Tuesday, Ransomware, Vulnerabilities /

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities 2024-05-14 at 22:47 By Ryan Naraine Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. The post Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities Read More »

Adobe Patches Critical Flaws in Reader, Acrobat

Acrobat and Reader, Adobe, Malware & Threats, Patch Tuesday, Vulnerabilities /

Adobe Patches Critical Flaws in Reader, Acrobat 2024-05-14 at 21:01 By Ryan Naraine Adobe documents multiple code execution flaws in a wide range of products, including the widely deployed Adobe Acrobat and Reader software. The post Adobe Patches Critical Flaws in Reader, Acrobat appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Adobe Patches Critical Flaws in Reader, Acrobat Read More »

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks

DNS, Malware, Malware & Threats /

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks 2024-05-14 at 15:31 By Ionut Arghire Threat actors are using DNS tunneling to track victims’ interaction with spam and to scan network infrastructures. The post Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Attackers Use DNS Tunneling to Track Victim Activity, Scan Networks Read More »

Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS

apple, CVE-2024-23296, Malware & Threats, Patch Tuesday, RTKit, Vulnerabilities /

Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS 2024-05-13 at 23:01 By Ryan Naraine Apple documents another zero-day flaw being exploited on older iPhones and documents security problems in macOS, iOS and iPadOS. The post Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Apple Patch Day: Code Execution Flaws in iPhones, iPads, macOS Read More »

US Says North Korean Hackers Exploiting Weak DMARC Settings 

APT, DMARC, email security, Featured, Kimsuky, Malware & Threats, Nation-State, North Korea /

US Says North Korean Hackers Exploiting Weak DMARC Settings  2024-05-03 at 19:16 By Ionut Arghire The US government warns of a North Korean threat actor abusing weak email DMARC settings to hide spear-phishing attacks. The post US Says North Korean Hackers Exploiting Weak DMARC Settings  appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

US Says North Korean Hackers Exploiting Weak DMARC Settings  Read More »

Scroll to Top