General Security News
-
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code signing keys on their...
-
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file,...
-
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a...
-
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue,...
-
Hackers use WinRAR as a Cyberweapon to Conduct Destructive Cyberattacks
CERT-UA (Ukrainian Government Computer Emergency Response Team) recently reported that the Ukrainian state networks suffered a cyber attack...
-
New Weaponized Android Apps With 1M Installs Steals 2FA Codes & Passwords
Check Point Research has recently published a study revealing the discovery of a previously unknown malware variant dubbed FluHorse. The malware...
-
Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads
A new Android subscription malware named Fleckpe has been unearthed on the Google Play Store, amassing more than 620,000 downloads in total since...
-
Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model
Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute...
-
Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service
Three new security flaws have been disclosed in Microsoft Azure API Management service that could be abused by malicious actors to gain access to...
-
Malware Campaigns Abusing Telegram Bots to Spread Rapidly
Numerous updates and alterations were witnessed in the major malware families employed in phishing scams during the first quarter of 2023,...
-
New BGP Protocol Flaws Let Attackers Trigger DoS Attacks
Forescout Vedere Labs recently highlighted the neglected BGP security aspect – software implementation vulnerabilities. FRRouting’s BGP message...
-
Google Introduces Passwordless Secure Sign-In with Passkeys for Google Accounts
Almost five months after Google added support for passkeys to its Chrome browser, the tech giant has begun rolling out the passwordless solution...