Month: July 2024

Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard

[[{"value":"The DDoS attacks have evolved tremendously since 2016, with Mirai-like botnets setting new records. Attack frequency and intensity increased notably in 2023, with 1+ Tbps attacks almost becoming daily by…

The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma, RedLine, SmokeLoader, SectopRAT, and Ursnif," the company said in a Tuesday analysis. Drive-by attacks

The cyberattack disrupted national laboratory services, which could slow response to disease outbreaks such as mpox, experts warn. Read More  

Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, "leverage target-specific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely on

An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the

[[{"value":"The Android Security Bulletin details security vulnerabilities affecting Android devices, where devices with security patch levels of 2024-07-05 or later address these issues, while Android partners are notified of vulnerabilities…

Multifactor authentication is a good first step, but businesses should look to collect and analyze data to hunt for threats, manage identities more closely, and limit the impact of attacks. Read…

Adversary-in-the-middle attacks can strip out the passkey option from login pages that users see, leaving targets with only authentication choices that force them to give up credentials. Read More