Source: www.bleepingcomputer.com – Author: Bill Toulas A new proof-of-concept (PoC) exploit for an actively exploited PaperCut vulnerability was released that bypasses all known detection rules. The PaperCut...
New Android FluHorse malware steals your passwords, 2FA codes – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new Android malware called ‘FluHorse’ has been discovered, targeting users in Eastern Asia with malicious apps that imitate legitimate...
WordPress custom field plugin bug exposes over 1M sites to XSS attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Security researchers warn that the ‘Advanced Custom Fields’ and ‘Advanced Custom Fields Pro’ WordPress plugins, with millions of installs, are...
Kimsuky hackers use new recon tool to find security gaps – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The North Korean Kimsuky hacking group has been observed employing a new version of its reconnaissance malware, now called ‘ReconShark,’...
New Fleckpe Android malware installed 600K times on Google Play – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new Android subscription malware named ‘Fleckpe’ has been spotted on Google Play, the official Android app store, disguised as...
Cisco phone adapters vulnerable to RCE attacks, no fix available – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote...
Ransomware gang hijacks university alert system to issue threats – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Avos ransomware gang hijacked Bluefield University’s emergency broadcast system, “RamAlert,” to send students and staff SMS texts and email...
Hackers start using double DLL sideloading to evade detection – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas An APT hacking group known as “Dragon Breath,” “Golden Eye Dog,” or “APT-Q-27” is demonstrating a new trend of using...
Russian hackers use WinRAR to wipe Ukraine state agency’s data – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Russian ‘Sandworm’ hacking group has been linked to an attack on Ukrainian state networks where WinRAR was used to...
Facebook disrupts new NodeStealer information-stealing malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Facebook discovered a new information-stealing malware distributed on Meta called ‘NodeStealer,’ allowing threat actors to steal browser cookies to hijack...
Brightline data breach impacts 783K pediatric mental health patients – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware...
Level Finance crypto exchange hacked after two security audits – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them...
FBI seizes 9 crypto exchanges used to launder ransomware payments – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The FBI and Ukrainian police have seized nine cryptocurrency exchange websites that facilitated money laundering for scammers and cybercriminals, including...
Hackers exploit 5-year-old unpatched flaw in TBK DVR devices – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Hackers are actively exploiting an unpatched 2018 authentication bypass vulnerability in exposed TBK DVR (digital video recording) devices. DVRs are...
Police operation ‘SpecTor’ arrests 288 dark web drug vendors and buyers – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas An international law enforcement operation codenamed ‘SpecTor’ has arrested 288 dark web vendors and customers worldwide, with police seizing €50.8...
Hackers use fake ‘Windows Update’ guides to target Ukrainian govt – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious...
Hackers target vulnerable Veeam backup servers exposed online – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile...
Android Minecraft clones with 35M downloads infect users with adware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A set of 38 Minecraft copycat games on Google Play infected devices with the Android adware ‘HiddenAds’ to stealthily load...
Linux version of RTM Locker ransomware targets VMware ESXi servers – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on...
New Atomic macOS info-stealing malware targets 50 crypto wallets – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new macOS information-stealing malware named ‘Atomic’ (aka ‘AMOS’) is being sold to cybercriminals via private Telegram channels for a...
New SLP bug can lead to massive 2,200x DDoS amplification attacks – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service...
Google Authenticator now backs up your 2FA codes to the cloud – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Google Authenticator app has received a critical update for Android and iOS that allows users to back up their...
TP-Link Archer WiFi router flaw exploited by Mirai malware – Source: www.bleepingcomputer.com
Source: www.bleepingcomputer.com – Author: Bill Toulas The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate...
Intel CPUs vulnerable to new transient execution side-channel attack
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register. The new attack was...
KuCoin’s Twitter account hacked to promote crypto scam
KuCoin’s Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over $22.6K in cryptocurrency. The cryptocurrency exchange...
APC warns of critical unauthenticated RCE flaws in UPS software
APC’s Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices and, in a worst-case scenario, disabling...
Decoy Dog malware toolkit found after analyzing 70 billion DNS queries
A new enterprise-targeting malware toolkit called ‘Decoy Dog’ has been discovered after inspecting anomalous DNS traffic that is distinct from regular internet activity. Decoy Dog helps...
EvilExtractor malware activity spikes in Europe and the U.S.
Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users’ sensitive data in Europe and the U.S. EvilExtractor is...
Google ads push BumbleBee malware used by ransomware gangs
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect, ChatGPT, and Citrix Workspace. Bumblebee is...
Kubernetes RBAC abused to create persistent cluster backdoors
Hackers use a novel method involving RBAC (Role-Based Access Control) to create persistent backdoor accounts on Kubernetes clusters and hijack their resources for Monero crypto-mining. RBAC...