Month: July 2024

[[{"value":"The Kematian Stealer has emerged as a sophisticated PowerShell-based malware that covertly exfiltrates sensitive data from compromised systems. This article delves into the intricate workings of this malicious tool, highlighting…

Innocuous little Windows programs were carrying cheap malware for weeks, exposing customers of the India-based software vendor to data theft. Read More  

[[{"value":"A novel malware known as Volcano Demon has been observed targeting Windows workstations and servers, obtaining administrative credentials from the network. The threat actor doesn’t have a leak site and…

[[{"value":"Malware authors are exploiting the growing popularity of QR codes to target users through PDF files, where these malicious PDFs, often delivered via email disguised as faxes, contain QR codes…

[[{"value":"Linux servers often provide hosting for critical applications, websites, and databases, which makes them a lucrative target for intruders to get unauthorized access to steal data and manipulate services. Exploiting…

Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device," security researcher

Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence (AI) algorithms. The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to

A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike.  The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flagged to

[[{"value":"A critical local privilege escalation vulnerability has been discovered in MSI Center versions 2.0.36.0 and earlier, allowing low-privileged users to escalate their privileges on Windows systems. This security flaw, tracked…

Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named ShinyHunters