General Security News
-
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
The malware downloader known as BATLOADER has been observed abusing Google Ads to deliver secondary payloads like Vidar Stealer and Ursnif....
-
U.S. House and Senate members Data Hacked, Offered for Sale
The breach of a Washington, DC, health insurance marketplace may have allowed hackers’ access to members of the House and Senate’s sensitive...
-
100M+ Downloaded Shein App Found Copying Clipboard Content on Android Phones
There have been recent revelations by Microsoft that an old version of the SHEIN Android application has been found reading the contents of the...
-
Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware....
-
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several...
-
Does Your Help Desk Know Who's Calling?
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the...
-
Hackers Using Facebook Ads to Attack Critical Infrastructure Employees
A new information stealer has been recently found by cybersecurity researchers at Morphisec which is called “SYS01stealer.” This stealer primarily...
-
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out cryptojacking...
-
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a...
-
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks
A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on...
-
PoC Exploit Released For Critical Microsoft Word RCE Bug
There has been a proof-of-concept published recently for CVE-2023-21716 that analyzes this vulnerability. This vulnerability has been marked as...
-
HiatusRAT Malware Attack Routers to Gain Remote Access & Download Files
Lumen’s Black Lotus Labs recently witnessed that Hackers are currently targeting DrayTek Vigor router models 2960 and 3900 in a campaign known as...