General Security News
-
New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices
Internet-facing Linux systems and Internet of Things (IoT) devices are being targeted as part of a new campaign designed to illicitly mine...
-
MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans
A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to deliver remote access...
-
Generative-AI apps & ChatGPT: Potential risks and mitigation strategies
Losing sleep over Generative-AI apps? You're not alone or wrong. According to the Astrix Security Research Group, mid size organizations already...
-
Hackers Attack Linux SSH Servers with Tsunami DDoS Malware
Hackers Attack Linux SSH Servers. An attack campaign has been recently uncovered by AhnLab ASEC, where poorly controlled Linux SSH servers are...
-
Stealthy SMS Side-Channel Attack Exposes SMS Recipient Location
Stealthy SMS Side-Channel Attack Exposed. When you send an SMS, delivery reports let you know if your message reached the recipient. But here the...
-
Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari
Apple on Wednesday released a slew of updates for iOS, iPadOS, macOS, watchOS, and Safari browser to address a set of flaws it said were actively...
-
ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks
The North Korean threat actor known as ScarCruft has been observed using an information-stealing malware with previous undocumented wiretapping...
-
New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices
More details have emerged about the spyware implant that's delivered to iOS devices as part of a campaign called Operation Triangulation....
-
Megaupload Developers Plead Guilty to Avoid US Extradition
Recently, the High Court in Auckland sentenced the Megaupload programmers to jail after they admitted guilt and agreed to provide testimony...
-
Sign in to Leak Your Credentials – Attackers Abusing Legitimate Services
An ongoing phishing campaign has found that attackers abuse legitimate credential harvesting services and data exfiltration to avoid detection....
-
Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
Three security vulnerabilities have been disclosed in operational technology (OT) products from Wago and Schneider Electric. The flaws, per...
-
Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices
Zyxel has rolled out security updates to address a critical security flaw in its network-attached storage (NAS) devices that could result in the...