Tag: malicious
-
Hackers posing as Ukraine’s Security Service infect 100 govt PCs
by
in SecurityNewsAttackers impersonating the Security Service of Ukraine (SSU) have used malicious spam emails to target and compromise systems belonging to the countr… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-posing-as-ukraines-security-service-infect-100-govt-pcs/
-
Malware-asService and Ransomware-asService lower barriers for cybercriminals
by
in AllgemeinThe sophistication of cyber threats has escalated dramatically, with malicious actors’ deploying advanced tactics, techniques, and procedures (TTPs) t… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/09/maas-threat-landscape/
-
China’s Evasive Panda Attacks ISP to Send Malicious Software Updates
First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/chinas-evasive-panda-attacks-isp-to-send-malicious-software-updates
-
Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say
by
in SecurityNewsBadoo, Bumble, Grindr, happn, Hinge and Hily all had the same vulnerability that could have helped a malicious user to identify the near-exact locatio… First seen on techcrunch.com Jump to article: techcrunch.com/2024/07/31/bumble-and-hinge-allowed-stalkers-to-pinpoint-users-locations-down-to-2-meters-researchers-say/
-
QuickShell: Sharing Is Caring about an RCE Attack Chain on Quick Share
by
in SecurityNewsSee how a SafeBreach Labs researcher bypassed the anti-tampering mechanism of a leading EDR to execute malicious code within one of the EDR’s own proc… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/quickshell-sharing-is-caring-about-an-rce-attack-chain-on-quick-share/
-
Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform
by
in SecurityNewsIn yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the ques… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/hackers-distributing-malicious-python.html
-
Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique
by
in SecurityNewsOver a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack.The powerful attack vec… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/over-1-million-domains-at-risk-of.html
-
CISA Warns of Cisco Smart Install Feature Actively Exploited by Hackers
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over malicious cyber actors’ active exploitation of the Cisco Smart Inst… First seen on gbhackers.com Jump to article: gbhackers.com/cisco-smart-install-feature/
-
Federal watchdog urges EPA to develop comprehensive cyber strategy to protect water systems
by
in SecurityNewsThe report comes amid a rise in malicious cyberthreats from state-linked and criminal hackers targeting U.S. drinking water and water treatment facili… First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/federal-watchdog-epa-cyber-strategy/723427/
-
‘0.0.0.0 Day’ browser flaw enables malicious requests to local networks
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/news/0-0-0-0-day-browser-flaw-enables-malicious-requests-to-local-networks
-
0.0.0.0 Day flaw allows malicious websites to bypass security in major browsers
An 18-year-old bug, dubbed >>0.0.0.0 Day,
-
Government Hit by Multi-Malware Cyberattack via Cloudflare Service
by
in SecurityNewsA sophisticated cyberattack targeting the government sector has been uncovered, utilizing a quartet of malicious software XWorm, AsyncRAT, VenomRAT, a… First seen on securityonline.info Jump to article: securityonline.info/government-hit-by-multi-malware-cyberattack-via-cloudflare-service/
-
18-year-old security flaw in Firefox and Chrome exploited in attacks
by
in SecurityNewsA vulnerability disclosed 18 years ago, dubbed 0.0.0.0 Day, allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/18-year-old-security-flaw-in-firefox-and-chrome-exploited-in-attacks/
-
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
by
in SecurityNewsCybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on … First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/new-flaws-in-sonos-smart-speakers-allow.html
-
Malicious npm packages leveraged by North Korean hackers for Windows compromise
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/malicious-npm-packages-leveraged-by-north-korean-hackers-for-windows-compromise
-
Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes
by
in SecurityNewsA new malicious campaign has been observed making use of malicious Android apps to steal users’ SMS messages since at least February 2022 as part of a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/cybercriminals-deploy-100k-malware.html
-
Attacks on Bytecode Interpreters Conceal Malicious Injection Activity
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/attacks-on-bytecode-interpreters-conceal-malicious-injection-activity
-
Exim vulnerability affecting 1.5M servers lets attackers attach malicious files
by
in SecurityNewsFirst seen on arstechnica.com Jump to article: arstechnica.com/
-
Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor
by
in SecurityNewsFirst seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/attackers-hijack-facebook-pages-promote-malicious-ai-photo-editor
-
Record Breaking DDoS Attack 419 TB of Malicious Traffic Within 24-Hours
by
in SecurityNewsA record-breaking Distributed Denial of Service (DDoS) attack unleashed 419 terabytes of malicious traffic over 24 hours. This unprecedented event, wh… First seen on gbhackers.com Jump to article: gbhackers.com/breaking-ddos-attack-419/
-
AWS Launches Mithra To Detect Malicious Domains Across Systems
by
in SecurityNewsAmazon’s e-commerce platforms and cloud services form a digital ecosystem requiring a strong cybersecurity framework. Amazon, which has a vast online … First seen on gbhackers.com Jump to article: gbhackers.com/aws-mithra-malicious-domains/
-
Microsoft 365 Vulnerability Let Hackers Bypass Anti-phishing Feature
by
in SecurityNewsA vulnerability in Microsoft 365 (formerly Office 365) has been found that allows malicious actors to bypass anti-phishing measures. One of the anti-p… First seen on gbhackers.com Jump to article: gbhackers.com/microsoft-365-phishing-bypass/
-
Malicious domains blocked by AWS neural network system
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/malicious-domains-blocked-by-aws-neural-network-system
-
AWS Neural Network System Blocks Malicious Domains
by
in SecurityNewsFirst seen on scmagazine.com Jump to article: www.scmagazine.com/brief/aws-neural-network-system-blocks-malicious-domains
-
Chrome Security Update: Patch for Multiple Vulnerabilities
by
in SecurityNewsGoogle has announced a critical security update for its Chrome browser, addressing several vulnerabilities that malicious actors could exploit. The St… First seen on gbhackers.com Jump to article: gbhackers.com/chrome-security-update-patch/
-
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
by
in SecurityNewsCybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerS… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/onedrive-phishing-scam-tricks-users.html
-
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
by
in SecurityNewsCybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the … First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/malicious-pypi-package-targets-macos-to.html
-
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
by
in SecurityNewsA Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-s… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/spanish-hackers-bundle-phishing-kits.html
-
Beware Of Fake AI Editor Website That Steals Your Login Credentials
by
in SecurityNewsHackers often make use of fake AI editor websites for several illicit purposes with malicious intent. Among their prime activities are deceiving users… First seen on gbhackers.com Jump to article: gbhackers.com/ake-al-editor-security-alert/
-
Chinese hackers compromised an ISP to deliver malicious software updates
by
in SecurityNewsAPT StormBamboo compromised a undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Vole… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/08/05/compromised-isp-dns-malware/