Google Unveils Enhanced Baseband Security for Pixel 9
In a new blog post, Google has unveiled cutting-edge security features for its latest Pixel 9 lineup, focusing on hardening the cellular baseband—a critical, yet often overlooked, component in...
View ArticleJustice Department Seizes 41 Domains Used by Russian Intelligence in Massive...
Yesterday, the Justice Department announced the seizure of 41 internet domains used by Russian intelligence agents to commit cyber fraud and espionage. The unsealing of the warrant marks a...
View ArticleAFP Seizes $9.3 Million in Cryptocurrency from Encrypted Platform Operator in...
The Australian Federal Police (AFP)-led Criminal Assets Confiscation Taskforce (CACT) has successfully restrained $9.3 million in cryptocurrency as part of an ongoing investigation into the mastermind...
View ArticleNew SilentCryptoMiner Campaign Abuses SIEM Agent in Cryptocurrency Mining...
Kaspersky Labs has uncovered a sophisticated cyberattack campaign that abuses an open-source Security Information and Event Management (SIEM) agent to deploy SilentCryptoMiner, a stealthy...
View ArticleNew Skidmap Rootkit Variant Targets Enterprise Linux Servers via Redis...
Cybersecurity analysts at Doctor Web have identified a new modification of the notorious Skidmap mining trojan targeting Linux machines. This advanced rootkit operates as a malicious kernel module,...
View ArticleCeranaKeeper: A New China-Aligned Threat Targeting Thailand’s Government
ESET researchers have exposed a newly identified advanced persistent threat (APT) group, dubbed CeranaKeeper, targeting governmental institutions in Thailand since 2023. Originally, some of this...
View ArticleCVE-2024-9441: Unpatched Flaw Exposes Linear eMerge Systems to Remote...
A severe security vulnerability has been identified in the Linear eMerge e3-Series access control systems, affecting versions up to 1.00-07. Designated as CVE-2024-9441 with a CVSS score of 9.8,...
View ArticleOkta Patches Vulnerability Allowing Unauthorized Access
Identity and access management giant, Okta, recently addressed a vulnerability that could have allowed malicious actors with valid credentials to bypass critical security measures. The vulnerability,...
View ArticleD3D Security IP Cameras Risk Data Breach, Live Feed Access, No Patch Available
The Indian Computer Emergency Response Team (CERT-In) has issued an urgent advisory concerning two critical vulnerabilities discovered in the D3D Security IP Camera D8801, which could potentially allow...
View ArticleGoogle Play Protect Takes Aim at Financial Fraud in India with New Pilot Program
Google is stepping up its fight against cybercrime in India with a new pilot program for Google Play Protect. This enhanced fraud protection feature aims to shield Android users from... The post Google...
View ArticleGlobal Coalition Strengthens Fight Against Ransomware, White House Announces
The White House recently hosted the fourth gathering of the International Counter Ransomware Initiative (CRI), a coalition now boasting 68 members dedicated to combating the growing threat of...
View ArticleRed Barrels Hit by Cyberattack: Outlast Game Data Compromised
Red Barrels, the studio behind the acclaimed Outlast horror game series announced on Wednesday that it was the victim of a significant cyberattack, compromising sensitive data and disrupting...
View ArticleNew MS-SQL Server Attack Campaign Leverages GotoHTTP for Remote Access
Experts from the AhnLab Security Intelligence Center (ASEC) have uncovered new attacks on MS-SQL servers, targeting unsecured accounts and weak passwords. In this malicious campaign, the attackers...
View ArticleVenator: A Kubernetes-Native Threat Detection Platform for Enhanced Security...
In today’s increasingly complex threat landscape, organizations require agile and scalable security solutions to effectively identify and respond to evolving attack vectors. Venator, an open-source...
View ArticleUnforeseen Consequences: AI Assistant Renders CEO’s System Inoperable
Buck Shlegeris, the CEO of the non-profit organization Redwood Research, encountered an unforeseen challenge while using an AI assistant he developed, based on Anthropic’s Claude model. This tool was...
View ArticleNew MedusaLocker Ransomware Variant: BabyLockerKZ Targets Victims Globally
Researchers Tiago Pereira and Arnaud Zobec from Cisco Talos recently uncovered a new variant of the MedusaLocker ransomware, dubbed BabyLockerKZ. Active since late 2022, this variant has been silently...
View ArticleResearchers Detail Ruby-SAML/GitLab Flaw (CVE-2024-45409) Allows SAML...
In a recent analysis conducted by Harsh Jaiswal and Rahul Maini at ProjectDiscovery, a critical vulnerability, CVE-2024-45409, was uncovered, exposing a flaw in Ruby-SAML and OmniAuth-SAML libraries,...
View ArticleSHROUDED#SLEEP: APT37’s Advanced Evasion and Persistence Tactics in Southeast...
In a recent discovery, the Securonix Threat Research team, led by Den Iuzvyk and Tim Peck, has uncovered a stealthy malware campaign attributed to North Korea’s APT37, also known as... The post...
View ArticleCyberVolk: From Hacktivism to Ransomware – Researcher Exposes New Threat
Cybersecurity researchers at Rapid7 Labs have released a detailed report on CyberVolk, a politically motivated hacktivist group that transitioned into using ransomware as a primary tool in their...
View ArticleActive Exploits Target Zimbra Collaboration: Over 19K Systems Vulnerable to...
Enterprise security firm Proofpoint has issued a critical warning regarding active exploitation attempts against Synacor’s Zimbra Collaboration platform. A recently disclosed security flaw, tracked as...
View Article