General Security News
-
Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA
Proof-of-concept (Poc) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National...
-
Top FinTech API Security Challenges
A recent report reveals that the number of attacks on financial service APIs and web applications worldwide increased by 257%. There are more...
-
PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration
Cybersecurity researchers have unearthed a new Python-based attack campaign that leverages a Python-based remote access trojan (RAT) to gain...
-
U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software
At least two federal agencies in the U.S. fell victim to a "widespread cyber campaign" that involved the use of legitimate remote monitoring and...
-
Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages
A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least...
-
Wireshark 4.0.3 Released – What’s New!
The Wireshark Team has recently unveiled the latest iteration of their widely-utilized packet analyzer, Wireshark 4.0.3. This version boasts a...
-
Hackers Using Sliver Framework as an Alternative to Cobalt Strike & Metasploit
Silver is an open-source command-and-control framework that is becoming increasingly popular among malicious actors at current attacks. As threat...
-
What is XDR, MXDR, DRs & SBOM ? – Cybersecurity Acronyms 2023
The field of cybersecurity is rife with acronyms. From AES to VPN, these technical alphabet soup terms have been part of the knowledge of not only...
-
LastPass Parent Company GoTo Suffers Data Breach, Customers' Backups Compromised
LastPass-owner GoTo (formerly LogMeIn) on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers'...
-
VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities
VMware on Tuesday released software to remediate four security vulnerabilities affecting vRealize Log Insight (aka Aria Operations for Logs) that...
-
Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection
Organizations in East Asia are being targeted by a likely Chinese-speaking actor dubbed DragonSpark while employing uncommon tactics to go past...
-
ChatGPT Can Be Used to Create Dangerous Polymorphic Malware
The cybersecurity experts at CyberArk have provided information on the mechanism by which the ChatGPT AI chatbot can produce a new strain of...