General Security News
-
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing...
-
Alarming Rise in Mobile Banking Malware – Over 200,000 New Installers Discovered
In 2022, the number of new mobile banking Trojan installers found by Kaspersky Lab’s cybersecurity researchers surged to 196,476, which is more...
-
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "uses...
-
Critical Flaws in WordPress Houzez Theme Exploited to Hijack Websites
Houzez is a high-quality WordPress theme that is available for purchase on ThemeForest, a popular marketplace for digital products. This premium...
-
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise...
-
Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain
Romanian cybersecurity company Bitdefender has released a free decryptor for a new ransomware strain known as MortalKombat. MortalKombat is a new...
-
Application Security vs. API Security: What is the difference?
As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever to...
-
Beware of Malicious 2FA Apps in App Store and Google Play that Deploys Malware
Cybersecurity experts at Sophos recently detected multiple malicious 2FA apps in App Store and Google Play that deploy malware. While Twitter...
-
Stanford University Data Breach – Ph.D. Admission Data Leaked
Stanford University has recently reported a security incident involving a data breach. The incident, which occurred between December 2022 and...
-
Hacker Claim Telecom Provider Data Including Source Code, Employee Data Stolen
Telus, a Canadian national telecommunications company is looking into whether employees’ data as well as the source code for the system were...
-
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited...
-
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said it happened as...