General Security News
-
Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers
A threat actor tracked as Polonium has been linked to over a dozen highly targeted attacks aimed at Israelian entities with seven different custom...
-
Hackers Using Vishing to Trick Victims into Installing Android Banking Malware
Malicious actors are resorting to voice phishing (vishing) tactics to dupe victims into installing Android malware on their devices, new research...
-
Scribe Platform: End-to-end Software Supply Chain Security
As software supply chain security becomes more and more crucial, security, DevSecOps, and DevOps teams are more challenged than ever to build...
-
Russian Hacker Launch DDoS Attacks Against Major Airports Websites
The Distributed Denial of Service (DDoS) attacks, hit 14 major US airport websites. The websites were temporarily shut down due to DDoS attacks...
-
Phishing-as-a-Service Platform Lets Anyone Launch Own Phishing Campaigns
With the release of the PhaaS platform called ‘Caffeine’, threat actors can now easily launch their own sophisticated phishing attacks. Anyone...
-
Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively...
-
BazarCall Call Back Phishing Attacks Constantly Evolving Its Social Engineering Tactics
The operators behind the BazaCall call back phishing method have continued to evolve with updated social engineering tactics to deploy malware on...
-
Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
A now-patched security flaw in the vm2 JavaScript sandbox module could be abused by a remote adversary to break out of security barriers and...
-
Callback Phishing Attack Tactics Evolved – Successful Attack Drops Ransomware
Trellix released a recent report on the evolution of BazarCall social engineering tactics. Initially BazarCall campaigns appeared in late 2020...
-
Blackbyte Ransomware Bypass EDR Security Using Drive Vulnerability
The group behind a major ransomware attack, BlackByte ransomware gang has turned to a deadly new method of attack, “Bring Your Own Vulnerable...
-
Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively...
-
Researchers Detail Malicious Tools Used by Cyber Espionage Group Earth Aughisky
A new piece of research has detailed the increasingly sophisticated nature of the malware toolset employed by an advanced persistent threat (APT)...