Beware of “The Unarchiver” Imposter: New macOS Malware Steals Sensitive User...
Security researchers at Hunt.io have uncovered a sophisticated macOS malware campaign that masquerades as the popular file archiving tool “The Unarchiver.” This malicious imposter, named “CryptoTrade,”...
View ArticleChinese APT41 Group Breaches Taiwanese Research Institute
A recent report from Cisco Talos has revealed a sophisticated cyberattack targeting a Taiwanese government-affiliated research institute. The attack, believed to have been carried out by the Chinese...
View ArticleCVE-2024-7339: DVR Vulnerability Exposes Over 400,000 Devices to Hackers
A security flaw tracked as CVE-2024-7339, has been discovered in a wide range of popular DVR (Digital Video Recorder) devices, including models from TVT, Provision-ISR, AVISION, and others. This...
View ArticleMalicious PyPI Packages Expose User Credentials
The FortiGuard Labs team has uncovered a series of malicious packages lurking within the Python Package Index (PyPI), the official repository for Python software packages. These malicious packages,...
View Article20,000+ Ubiquiti Devices Exposed: Amplification Attacks & Data Leaks
A new report from Check Point Research (CPR) reveals that over 20,000 Ubiquiti devices, including the popular G4 Instant Camera and other models, remain susceptible to cyberattacks. The...
View Article600+ Domains, One Goal: Inside the ERIAKOS Mobile E-commerce Scam
In a significant development in the fight against cyber fraud, Recorded Future’s Payment Fraud Intelligence team has identified a sophisticated scam campaign, dubbed “ERIAKOS.” This campaign leverages...
View ArticleSLUBStick: Linux Kernel Exploitation with Cross-Cache Attacks
Security researchers Lukas Maar, Stefan Gast, Martin Unterguggenberger, Mathias Oberhuber, and Stefan Mangard from the Graz University of Technology have discovered a new way to exploit vulnerabilities...
View ArticleCybercriminals Target OneBlood: Blood Supply Chain Threatened
The nonprofit organization OneBlood, which supplies donor blood to over 250 hospitals in the United States, finds itself in a challenging situation. Hackers attacked its computer system with...
View ArticleBingoMod Malware: Android Banking Trojan Empties Accounts, Wipes Devices
The cybersecurity company Cleafy has discovered a malicious software named BingoMod targeting Android platforms. This malware attempts to access device-based bank accounts and transfer the deposits....
View ArticleWorld’s Top Silver Producer Fresnillo PLC Suffers Cyberattack
Fresnillo PLC, the world’s largest silver producer, has fallen victim to a cyberattack that resulted in unauthorized access to certain IT systems and data. Upon discovering the incident, the company...
View ArticleBeware of Fake Sora AI: Cybercriminals Exploit Hype with Malware Attacks
The buzz surrounding OpenAI’s yet-to-be-released AI model, Sora, has attracted unwanted attention from cybercriminals. Reports from Cyble Research and Intelligence Labs (CRIL) reveal that threat actors...
View ArticleTwilio Axes Authy Desktop: Users Logged Out Forcibly
Twilio, the multifactor authenticator developer, previously announced the termination of its Authy desktop service. The desktop version, which enabled users to receive verification codes and log in on...
View ArticleApple Open-Sources Homomorphic Encryption for Enhanced Data Security
Apple has recently made its homomorphic encryption technology, used to protect user privacy and security in its services, available through an open-source Swift package, facilitating easier...
View ArticleChinese Hackers Accused of Spying on German Cartography Agency
Germany has officially accused Chinese hackers of a cyberattack on the Federal Agency for Cartography and Geodesy (BKG) in 2021. This announcement was made on July 31, when German authorities summoned...
View ArticleOpenCTI: Empowering Cyber Threat Intelligence Management
In the ever-evolving landscape of cybersecurity, staying ahead of threats requires more than just antivirus software and firewalls. It demands a comprehensive understanding of the tactics, techniques,...
View ArticleDomain Takeover: 35,000+ Victims of Sitting Ducks Attack
Cybercriminals have seized over 35,000 registered domains using an attack researchers have dubbed “Sitting Ducks.” This method allows attackers to capture domains without accessing the owner’s account...
View ArticleStorm-1152’s CAPTCHA Bypass Operation Foiled by Microsoft
Microsoft has seized a domain used by the Vietnamese group Storm-1152 to sell fraudulent accounts and CAPTCHA bypass services. The domain rockcaptcha[.]com was taken down six months after Microsoft...
View ArticleBunkerWeb: The Next-Generation Open-Source Web Application Firewall
In today’s digital landscape, ensuring the security of web services is paramount. Enter BunkerWeb, a cutting-edge, open-source Web Application Firewall (WAF) that promises to make web security seamless...
View ArticleAccelerating Memory Safety: DARPA’s TRACTOR Program Transforms C to Rust
DARPA is accelerating the transition to memory-safe programming languages through the TRACTOR program, aimed at automated conversion of C code to Rust. This initiative is developing machine learning...
View ArticleCritical Admidio Vulnerabilities CVE-2024-37906 and CVE-2024-38529 Revealed
Cybersecurity researchers have uncovered two critical security vulnerabilities (CVE-2024-37906 and CVE-2024-38529) in Admidio, a popular open-source user management system used by organizations and...
View Article