FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by...
News
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The...
South Korean ERP Vendor’s Server Hacked to Spread Xctdoor Malware
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver...
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
A newly patched zero-day vulnerability was exploited by Chinese state-backed hackers to compromise Cisco Nexus switches, researchers have revealed.Cisco released...
Health Tech Execs Get Jail Time For $1bn Fraud Scheme
Three former C-suite executives at a health tech startup have been sentenced after fraudulently obtaining an estimated $1bn from investors...
Ransomware Attack Demands Reach a Staggering $5.2m in 2024
The average extortion demand per ransomware attack was over $5.2m (£4.1m) in the first half of 2024, according to a...
Chrome Update Will Block Entrust Certificates by November 2024
Google has announced that starting November 1, 2024, Chrome version 127 and higher will no longer trust new TLS server authentication...
Mobile Political Spam Surges Threefold For 2024 Election
Election 2024 mobile political spam volumes have seen a threefold increase compared with 2022 midterms. The data comes from recent research by...
Critical Vulnerability Affecting Juniper Devices
Juniper has released security updates to address a critical vulnerability (CVE-2024-2973) in their smart router and conductor products. The vulnerability has a...
High-Severity Vulnerability Affecting OpenSSH
Security researchers have discovered a high-severity vulnerability (CVE-2024-6387) in OpenSSH's server (sshd). Successful exploitation of the vulnerability could allow an...
How MFA Failures are Fueling a 500% Surge in Ransomware Losses
The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%....
New Intel CPU Vulnerability ‘Indirector’ Exposes Sensitive Data
Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that...
OpenSSH Remote Code Execution Vulnerability
A vulnerability was identified in OpenSSH. A remote attacker could exploit this vulnerability to trigger remote code execution on the...
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used...
Meta’s ‘Pay or Consent’ Approach Faces E.U. Competition Rules Scrutiny
Meta's decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused...
Australian Man Charged for Fake Wi-Fi Scam on Domestic Flights
An Australian man has been charged with running a fake Wi-Fi access point during a domestic flight with an aim...
Active Exploitation of Vulnerability in Cisco NX-OS Software
Cisco has released security updates to address a vulnerability (CVE-2024-20399) in their Cisco NX-OS Software. The vulnerability is reportedly being...
Cyber-Insurance Premiums Decline as Firms Build Resilience
Cyber insurance premiums have experienced “double-digit price reductions” over the past year as organizations enhance their cybersecurity, according to a...
Over Six Million Hit by Ransomware Breach at Infosys McCamish Systems
A cyber-attack on outsourcer Infosys McCamish Systems last year impacted more than six million customers, according to a new filing...
Meta’s ‘Pay or Consent’ Data Model Breaches EU Law
The EU Commission has informed Meta that its ‘pay or consent’ model breaches EU law as it does not allow...
Australian Police Arrest Suspect in Fake Wi-Fi Scam Targeting Airport Passengers
The Australian Federal Police (AFP) have arrested a 42-year-old Australian resident who allegedly established a network of fake free Wi-Fi...
US-CERT Vulnerability Summary for the Week of June 24, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that...
CapraRAT Spyware Disguised as Popular Apps Threatens Android Users
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering...
