Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of...
News
MCNA Dental data breach impacts 8.9 million people after ransomware attack
Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million...
New hacking forum leaks data of 478,000 RaidForums members
A database for the notorious RaidForums hacking forums has been leaked online, allowing threat actors and security researchers insight into...
Lazarus hackers target Windows IIS web servers for initial access
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS)...
Flash loan attack on Jimbos Protocol steals over $7.5 million
Jimbos Protocol, an Arbitrum-based DeFi project, has suffered a flash loan attack that resulted in the loss of more than...
US-CERT Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication...
AceCryptor: Cybercriminals’ Powerful Weapon, Detected in 240K+ Attacks
A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak...
New GobRAT Remote Access Trojan Targeting Linux Routers in Japan
Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker...
3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them
If you're a cybersecurity professional, you're likely familiar with the sea of acronyms our industry is obsessed with. From CNAPP,...
Don’t Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims
A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in...
PyPI Implements Mandatory Two-Factor Authentication for Project Owners
The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software...
Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains
A new 'File Archivers in the Browser' phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer...
PyPI announces mandatory use of 2FA for all software publishers
The Python Package Index (PyPI) has announced that it will require every account that manages a project on the platform...
US-CERT Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Hot Pixels attack checks CPU temp, power changes to steal data
A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack...
QBot malware abuses Windows WordPad EXE to infect devices
The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect...
CISA warns govt agencies of recently patched Barracuda zero-day
CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances....
US-CERT Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets
A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to...
Cynet Protects Hospital From Lethal Infection
A hospital with 2,000 employees in the E.U. deployed Cynet protections across its environment. The hospital was in the process...
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The...
US govt contractor ABB confirms ransomware attack, data theft
Swiss tech multinational and U.S. government contractor ABB has confirmed that some of its systems were impacted by a ransomware...
BlackByte ransomware claims City of Augusta cyberattack
The city of Augusta in Georgia, U.S., has confirmed that the most recent IT system outage was caused by unauthorized access...
