Posted inNews
From Dark Reading – CISA Warns of Resurge Malware Connected to Ivanti Vuln
Threat actors are exploiting a vulnerability in Ivanti Connect Secure first disclosed by the vendor in January. Read More
Posted inVulnerabilities
From Cybersecurity Help – New RESURGE malware targets Ivanti Connect Secure devices
RESURGE has capabilities similar to the SPAWNCHIMERA malware variant, albeit with several differences. Read More
Posted inNews
From The Hacker News – RESURGE Malware Exploits Ivanti Flaw with Rootkit and Web Shell Features
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security flaw in Ivanti Connect Secure (ICS) appliances.
"RESURGE contains capabilities of the SPAWNCHIMERA malware variant, including surviving reboots; however, RESURGE contains distinctive commands that
Posted inNews
From Cyber Security News – Lotus Blossom APT Exploits WMI for Post-Exploitation Activities
The Lotus Blossom Advanced Persistent Threat (APT) group, also known as Lotus Panda, Billbug, and Spring Dragon, has intensified its cyberespionage efforts with new variants of the Sagerunex backdoor. These…
Posted inNews
From Security Week – Morphing Meerkat Phishing Kits Target Over 100 Brands
[[{"value":"A threat actor tracked as Morphing Meerkat abuses DNS mail exchange (MX) records to deliver spoofed login pages. The post Morphing Meerkat Phishing Kits Target Over 100 Brands appeared first…
Posted inNews
From Security Week – Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe
[[{"value":"The Grandoreiro banking trojan has reemerged in new campaigns targeting users in Latin America and Europe. The post Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe appeared first on…
Posted inNews
From Cyber Security News – Multistage Info Stealer SnakeKeylogger Attacking Individuals and Businesses to Steal Logins
SnakeKeylogger has emerged as a sophisticated credential-stealing malware, targeting both individuals and organizations with its multi-stage infection chain and stealthy in-memory execution techniques. This malware is specifically designed to harvest…
Posted inVulnerabilities
From Cybersecurity Help – UAT-5918 info-stealing campaign targets critical infrastructure entities in Taiwan
The tactics and tools employed by UAT-5918 overlap with other state-sponsored threat groups, such as Volt Typhoon, Flex Typhoon, and Earth Estries. Read More
.webp)
Posted inNews
From Cyber Security News – Hackers Employ DLL Side-Loading To Deliver Malicious Python Code
A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls…
.webp)
Posted inNews
From Cyber Security News – New Sophisticated Phishing Attack Exploiting Microsoft 365 Infrastructure To Attack Users
A sophisticated new phishing campaign has been discovered that exploits Microsoft 365’s legitimate infrastructure to conduct highly convincing credential harvesting and account takeover attempts. Unlike traditional phishing attempts that rely…
Posted inNews
From Cyber Security News – Cisco Webex for BroadWorks Vulnerability Let Remote Attackers Access Data & Credentials
A newly disclosed vulnerability in Cisco Webex for BroadWorks Release 45.2 enables remote attackers to intercept sensitive credentials and user data when Session Initiation Protocol (SIP) communications lack encryption. This…
Posted inNews
From Cyber Security News – Hackers Hijacking Access to Cloud-based AI Models With Exposed Keys in 19 Minutes
New research reveals that threat actors are exploiting exposed cloud credentials to hijack enterprise AI systems within minutes of credential leakage. Recent incidents have demonstrated that attackers can compromise large…
Posted inNews
From Cyber Security News – Yodobashi Camera Users Under Attack from a New Wave of Phishing Attack
A new wave of phishing attacks impersonating Japanese electronics retail giant Yodobashi Camera has emerged, leveraging urgency and brand trust to steal customer credentials. Cybersecurity firm Symantec reported the campaign,…
%20and%20the%20page%20source%20of%20just%20line%20%201%20(Source%20-%20ESET).webp)
Posted inNews
From Cyber Security News – Beware of Fake Job Interview Challenges Attacking Developers To Deliver Malware
A North Korea-aligned cybercriminal campaign dubbed DeceptiveDevelopment has been targeting freelance software developers through fake job interviews since early 2024. Posing as recruiters on platforms like LinkedIn, Upwork, and cryptocurrency-focused…
Posted inNews
From The Hacker News – Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers
The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company's CEO Ben Zhou declared a "war against Lazarus."
The agency said the Democratic People's Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, attributing it to a specific cluster