Posted inNews
From Dark Reading – Microsoft Sounds Warning on Multifunctional ‘StilachiRAT’
The sneaky malware packs capabilities for system reconnaissance as well as credential and cryptocurrency theft. Read More
Posted inNews
From Dark Reading – Black Basta Leader in League With Russian Officials, Chat Logs Show
Though the chat logs were leaked a month ago, analysts are now seeing that Russian officials may have assisted Black Basta members according, to the shared messages. Read More
.webp)
Posted inNews
From Cyber Security News – New Clearfake Variant Leverages Fake reCAPTCHA To Trick Users Deliver Malicious PowerShell Code
ClearFake, a malicious JavaScript framework first identified in July 2023, has evolved with sophisticated new social engineering tactics. Originally designed to display fake browser update pages, the framework has undergone…
.webp)
Posted inNews
From Cyber Security News – 8-Year Old Windows Shortcut Zero-Day Exploited by 11 State-Sponsored Groups
A critical Windows vulnerability that has been exploited since 2017 by state-sponsored threat actors has been uncovered recently by researchers. The vulnerability, tracked as ZDI-CAN-25373, allows attackers to execute hidden…
.webp)
Posted inNews
From Cyber Security News – Bybit Hack – Sophisticated Multi-Stage Attack Details Revealed
Cryptocurrency exchange Bybit detected unauthorized activity involving its Ethereum cold wallets, leading to a major security breach. The incident occurred during an ETH multisig transaction facilitated through Safe{Wallet}, when attackers…
Posted inNews
From Dark Reading – Extortion Reboot: Ransomware Crew Threatens Leak to Snowden
Though the group initially stuck to classic ransomware TTPs before demanding the ransom, it went off script when it began threatening the group and detailing potential consequences the victim would…
.webp)
Posted inNews
From Cyber Security News – Hackers Employ DLL Side-Loading To Deliver Malicious Python Code
A sophisticated cybersecurity threat has emerged as threat actors have begun leveraging DLL side-loading techniques to distribute malicious Python code. This attack vector allows hackers to bypass standard security controls…
Posted inNews
From Security Week – Critical AMI BMC Vulnerability Exposes Servers to Disruption, Takeover
[[{"value":"A critical vulnerability affecting baseboard management controller (BMC) firmware made by AMI could expose many devices to remote attacks. The post Critical AMI BMC Vulnerability Exposes Servers to Disruption, Takeover …
Posted inNews
From Security Week – Google Releases Major Update for Open Source Vulnerability Scanner
[[{"value":"Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers. The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek."}]] Read…
Posted inNews
From The Hacker News – New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors
Cybersecurity researchers have disclosed details of a new supply chain attack vector dubbed Rules File Backdoor that affects artificial intelligence (AI)-powered code editors like GitHub Copilot and Cursor, causing them to inject malicious code.
"This technique enables hackers to silently compromise AI-generated code by injecting hidden malicious instructions into seemingly innocent
.webp)
Posted inNews
From Cyber Security News – Squid Werewolf Mimic as Recruiters Attacking Job Seekers To Exfiltrate Personal Data
A sophisticated cyber espionage campaign has been uncovered where threat actors are masquerading as recruiters to target job seekers and employees of specific organizations. The attackers send phishing emails disguised…
Posted inNews
From Dark Reading – Actively Exploited ChatGPT Bug Puts Organizations at Risk
A server-side request forgery vulnerability in OpenAI's chatbot infrastructure can allow attackers to direct users to malicious URLs, leading to a range of threat activity. Read More
Posted inNews
From Dark Reading – Orion Security Startup Tackles Insider Threats With AI
The data loss prevention company emerges from stealth with an AI-powered platform to help organizations distinguish between legitimate and risky activity. Read More
Posted inNews
From Cyber Security News – DocSwap Malware as Security Document Viewer Attacking Android Users Worldwide
A sophisticated malware campaign dubbed “DocSwap” has emerged targeting Android users globally by disguising itself as a legitimate document security and viewing application. The malware leverages social engineering tactics to…
.webp)
Posted inNews
From Cyber Security News – Microsoft Warns of New StilachiRAT Stealing Remote Desktop Protocol Sessions Data
Microsoft has issued an urgent security advisory regarding a newly discovered malware strain called StilachiRAT, which specifically targets and exfiltrates data from Remote Desktop Protocol (RDP) sessions. The sophisticated malware…