General Security News
-
Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework
Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control (C2) framework in their intrusion campaigns as...
-
Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations
The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136...
-
U.S. Government Spending Billions on Cybersecurity
In recent months, the House of Representatives has been hard at work drafting various spending bills for the 2023 fiscal year. While these bills...
-
Google Uncovered Tool used by Iranian APT Hackers to Steal Email Data
There has been an addition to the Iranian APR group Charming Kitten’s malware arsenal recently with the addition of a new malicious tool. This...
-
How Can WAF Prevent OWASP Top 10?
The OWASP Top 10 security risks point out the common vulnerabilities seen in web applications. But it does not list the set of attack vectors...
-
PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks
The Python Package Index, PyPI, on Wednesday sounded the alarm about an ongoing phishing campaign that aims to steal developer credentials and...
-
Crypto Miners Using Tox P2P Messenger as Command and Control Server
Threat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method, marking a shift from its earlier...
-
Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs
A security researcher who has a long line of work demonstrating novel data exfiltration methods from air-gapped systems has come up with yet...
-
Grandoreiro Banking Trojan Targeting Automotive, Chemicals Manufacturing Industries
The Grandoreiro is a banking trojan that has been identified recently by the security analysts at Zscalerin in recent attacks, and threat actors...
-
Malware in Counterfeit Android Device Attack on WhatsApp and WhatsApp Business
Researchers from Doctor Web identified backdoors in the system partition of budget Android device models which targets WhatsApp and WhatsApp...
-
Hackers Exploited a Zero-day Flaw in Bitcoin ATM Servers to Steal Cryptocurrency
General Bytes Bitcoin ATM servers have been exploited by hackers in order to steal cryptocurrency from their customers as a result of a zero-day...
-
GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on...