Attackers are using Eval PHP, an outdated legitimate WordPress plugin, to compromise websites by injecting stealthy backdoors. Eval PHP is an old WordPress plugin that allows site...
Google: Ukraine targeted by 60% of Russian phishing attacks in 2023
Google’s Threat Analysis Group (TAG) has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine’s critical infrastructure in 2023. Google reports that from January to March...
Lazarus hackers now push Linux malware via fake job offers
A new Lazarus campaign considered part of “Operation DreamJob” has been discovered targeting Linux users with malware for the first time. This new targeting was discovered...
Capita confirms hackers stole data in recent cyberattack
London-based professional outsourcing giant Capita has published an update on the cyber-incident that impacted it at the start of the month, now admitting that hackers exfiltrated...
Fortra shares findings on GoAnywhere MFT zero-day attacks
Fortra has completed its investigation into the exploitation of CVE-2023-0669, a zero-day flaw in the GoAnywhere MFT solution that the Clop ransomware gang exploited to steal...
UK cyber-agency warns of a new ‘class’ of Russian hackers
The United Kingdom’s NCSC (National Cyber Security Centre) is warning of a heightened risk from attacks by state-aligned Russian hacktivists, urging all organizations in the country...
Hackers actively exploit critical RCE bug in PaperCut servers
Print management software developer PaperCut is warning customers to update their software immediately, as hackers are actively exploiting flaws to gain access to vulnerable servers. PaperCut...
Google patches another actively exploited Chrome zero-day
Google has released a security update for the Chrome web browser to fix the second zero-day vulnerability found to be exploited in attacks this year. “Google...
Play ransomware gang uses custom Shadow Volume Copy data-theft tool
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its...
March 2023 broke ransomware attack records with 459 incidents
March 2023 was the most prolific month recorded by cybersecurity analysts in recent years, measuring 459 attacks, an increase of 91% from the previous month and...
Australians lost a record $3.1 billion to scams last year
The Australian Competition & Consumer Commission (ACCC) says Australians lost a record $3.1 billion to scams in 2022, an 80% increase over the total losses recorded...
New sandbox escape PoC exploit available for VM2 library, patch now
A security researcher has released yet another sandbox escape proof of concept (PoC) exploit that makes it possible to execute unsafe code on a host running...
New Chameleon Android malware mimics bank, govt, and crypto apps
A new Android trojan called ‘Chameleon’ has been targeting users in Australia and Poland since the start of the year, mimicking the CoinSpot cryptocurrency exchange, an...
Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named ‘Goldoson’ has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads. The malicious component is part...
Vice Society ransomware uses new PowerShell data theft tool in attacks
The Vice Society ransomware gang is deploying a new, rather sophisticated PowerShell script to automate data theft from compromised networks. Stealing corporate and customer data is...
Russia accuses NATO of launching 5,000 cyberattacks since 2022
The Federal Security Service of the Russian Federation (FSB) has accused the United States and other NATO countries of launching over 5,000 cyberattacks against critical infrastructure...
Legion: New hacktool steals credentials from misconfigured sites
A new Python-based credential harvester and SMTP hijacking tool named ‘Legion’ is being sold on Telegram that targets online email services for phishing and spam attacks....
DDoS attacks shifting to VPS infrastructure for increased power
Hyper-volumetric DDoS (distributed denial of service) attacks in the first quarter of 2023 have shifted from relying on compromised IoT devices to leveraging breached Virtual Private...
Kyocera Android app with 1M installs can be abused to drop malware
A Kyocera Android printing app is vulnerable to improper intent handling, allowing other malicious applications to abuse the flaw to download and potentially install malware on devices....
Hyundai data breach exposes owner details in France and Italy
Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal...
SAP releases security updates for two critical-severity flaws
Enterprise software vendor SAP has released its April 2023 security updates for several of its products, which includes fixes for two critical-severity vulnerabilities that impact the...
Hacked sites caught spreading malware via fake Chrome updates
Hackers are compromising websites to inject scripts that display fake Google Chrome automatic update errors that distribute malware to unaware visitors. The campaign has been underway...
Kodi discloses data breach after forum database for sale online
The Kodi Foundation has disclosed a data breach after hackers stole the organization’s MyBB forum database containing user data and private messages and attempted to sell...
Cybercriminals charge $5K to add Android malware to Google Play
Malware developers have created a thriving market promising to add malicious Android apps to Google Play for $2,000 to $20,000, depending on the type of malicious...
All Dutch govt networks to use RPKI to prevent BGP hijacking
The Dutch government will upgrade the security of its internet routing by adopting the Resource Public Key Infrastructure (RPKI) standard before the end of 2024. RPKI,...
Breached shutdown sparks migration to ARES data leak forums
A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and public authorities. The actor emerged on...
Exploit available for critical bug in VM2 JavaScript sandbox library
Proof-of-concept exploit code has been released for a recently disclosed critical vulnerability in the popular VM2 library, a JavaScript sandbox that is used by multiple software to...
Massive Balada Injector campaign attacking WordPress sites since 2017
An estimated one million WordPress websites have been compromised during a long-lasting campaign that exploits “all known and recently discovered theme and plugin vulnerabilities” to inject...
Hackers use Rilide browser extension to bypass 2FA, steal crypto
Security researchers discovered a new malicious browser extension called Rilide that targets Chromium-based products like Google Chrome, Brave, Opera, and Microsoft Edge. The malware is designed...
Medusa ransomware claims attack on Open University of Cyprus
The Medusa ransomware gang has claimed a cyberattack on the Open University of Cyprus (OUC), which caused severe disruptions of the organization’s operations. OUC is an...