General Security News
-
Ghosttoken – A Zero-Day Bug Let Hackers Create Invisible Google Accounts
An Israeli cybersecurity company, Astrix’s Security Research Group, discovered a 0-day vulnerability in Google’s Cloud Platform (GCP) dubbed...
-
Google Authenticator App Gets Cloud Backup Feature for TOTP Codes
Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization...
-
Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering
The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings...
-
Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
Threat actors are employing a previously undocumented "defense evasion tool" dubbed AuKill that's designed to disable endpoint detection and...
-
What is Single Sign-on (SSO) ? – Solution to Ensure Your Company Data Security
Single Sign-on is an authentication process that helps to log in to multiple applications using single login credentials. Security is enhanced...
-
ChatGPT Can be Tricked To Write Malware When You Act as a Developer Mode
Japanese cybersecurity experts warn that ChatGPT can be deceived by users who input a prompt to mimic developer mode, leading the AI chatbot to...
-
First-Ever Cyber Attack Via Kubernetes RBAC to Create Backdoor on Clusters
Recently, a new attack campaign has been discovered by the cybersecurity researchers at Aqua Security that exploits Kubernetes RBAC to assemble...
-
New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web
A new "all-in-one" stealer malware named EvilExtractor (also spelled Evil Extractor) is being marketed for sale for other threat actors to steal...
-
Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers
Print management software provider PaperCut said that it has "evidence to suggest that unpatched servers are being exploited in the wild," citing...
-
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure...
-
New Google Chrome Zero-Day Bug Actively Exploited in Wide – Emergency Update!
On April 18, 2023, Google released a new update for Chrome Desktop versions with security updates for actively exploited second Chrome zero-day...
-
3 iOS Zero-Click Exploits Exploited by NSO Group to Deploy Spyware
In 2022, NSO Group, the Israeli firm notorious for its spyware technology, reemerged with a slew of zero-click exploit chains designed for iOS 15...