General Security News
-
Researchers Uncover Over a Dozen Security Flaws in Akuvox E11 Smart Intercom
More than a dozen security flaws have been disclosed in E11, a smart intercom product made by Chinese company Akuvox. "The vulnerabilities could...
-
KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets
The Dark Pink advanced persistent threat (APT) actor has been linked to a fresh set of attacks targeting government and military entities in...
-
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif....
-
U.S. House and Senate members Data Hacked, Offered for Sale
The breach of a Washington, DC, health insurance marketplace may have allowed hackers’ access to members of the House and Senate’s sensitive...
-
100M+ Downloaded Shein App Found Copying Clipboard Content on Android Phones
There have been recent revelations by Microsoft that an old version of the SHEIN Android application has been found reading the contents of the...
-
Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware....
-
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several...
-
Does Your Help Desk Know Who's Calling?
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the...
-
Hackers Using Facebook Ads to Attack Critical Infrastructure Employees
A new information stealer has been recently found by cybersecurity researchers at Morphisec which is called “SYS01stealer.” This stealer primarily...
-
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking...
-
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a...
-
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks
A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on...