General Security News
-
Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities
Thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints remain vulnerable to two critical security flaws disclosed by the...
-
New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants that...
-
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies
Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent versions...
-
Hackers Deploy New Information Stealer Malware onto Python Developers’ Machines
Researchers at Phylum recently discovered that hackers had been injecting information stealer malware into Python developers’ machines in order to...
-
APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector
Microsoft's decision to block Visual Basic for Applications (VBA) macros by default for Office files downloaded from the internet has led many...
-
BlueNoroff APT Hackers Using New Ways to Bypass Windows MotW Protection
BlueNoroff, a subcluster of the notorious Lazarus Group, has been observed adopting new techniques into its playbook that enable it to bypass...
-
Critical Linux Kernel Vulnerability Let Attackers Execute Arbitrary Code Remotely
SMB servers that have ksmbd enabled are vulnerable to hacking due to a major Linux kernel vulnerability (CVSS score of 10). KSMBD is a Linux...
-
Hackers Using Automated Attack to Exploit Exchange Server and SQL Injection Vulnerabilities
Recently, cybersecurity analysts at Prodraft’s threat intelligence team detected that the hacker group FIN7 was actively exploiting...
-
Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action...
-
GuLoader Malware Utilizing New Techniques to Evade Security Software
Cybersecurity researchers have exposed a wide variety of techniques adopted by an advanced malware downloader called GuLoader to evade security...
-
2022 Top Five Immediate Threats in Geopolitical Context
As we are nearing the end of 2022, looking at the most concerning threats of this turbulent year in terms of testing numbers offers a threat-based...
-
W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names
Threat actors have published yet another round of malicious packages to Python Package Index (PyPI) with the goal of delivering...