General Security News
-
Charming Kitten APT Group Uses Innovative Spear-phishing Methods
Charming Kitten APT Group Uses Innovative Spear-phishing Methods. Volexity researchers recently noticed that threat actors are actively...
-
MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?
MITRE has released its annual list of the Top 25 "most dangerous software weaknesses" for the year 2023. "These weaknesses lead to serious...
-
From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon
The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2...
-
Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift...
-
Honeywell Server Compromised by MOVEit Hackers
A flaw was discovered in Progress MOVEit Transfer, a popular third-party online transfer application. By exploiting the flaw, attackers...
-
Akira Ransomware Expanded its Toolkit to Attack Linux Machines
A newly emerged ransomware known as Akira expands its operations to target Linux-based platforms which add the “.akira” file extension to each...
-
Andariel APT Hackers Drop a New Malware On Windows Via Weaponized MS Word Doc
The latest research discovered Andariel, a part of the Lazarus group, introduced several new malware families, such as YamaBot and MagicRat,...
-
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts
A critical security flaw has been disclosed in miniOrange's Social Login and Register plugin for WordPress that could enable a malicious actor to...
-
Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data
A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive...
-
Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control
Drones that don't have any known security weaknesses could be the target of electromagnetic fault injection (EMFI) attacks, potentially enabling a...
-
Cisco AsyncOS Software Flaw Let Remote Hackers Launch XSS Attack
Cisco AsyncOS Software, used by Cisco Secure Email and Web Manager, Cisco Secure Email Gateway (previously Cisco Email Security Appliance; ESA),...
-
Zyxel Command Injection Vulnerability Let Attackers Execute OS Commands
Zyxel has been one of the world’s leading networking products manufacturing companies and one of the top companies in the telecommunications...