General Security News
-
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking...
-
AgentTesla Stealer Delivered Via Weaponized PDF and CHM Files
AgentTesla, a notorious information stealer, is observed spreading via CHM and PDF Files, which covertly harvest critical information from the...
-
Microsoft to Kill NTLM and Expand Kerberos Authentication
In an ever-changing digital landscape, robust security measures are paramount. As Windows adapts to meet the evolving demands of our world, user...
-
CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors "interfered" with at least 11 telecommunication service...
-
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild
Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild. Rooted in the web...
-
Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign
Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing...
-
Hackers Using Remote Admin Tools To Compromise Organizations With Ransomware
Cybercriminals behind the AvosLocker ransomware attack employed a tactic of infecting organizations through Open-Source Remote Administration...
-
Container Security in a GitOps Environment
GitOps is a methodology that uses Git (or other version control systems) to store all aspects of a project’s infrastructure, such as...
-
Phishing-as-a-Service Strox Lets Hackers Phish any Brand by Submitting its Logo
The ever-evolving world of cybercrime has given birth to a disturbing phenomenon – Phishing-as-a-Service (PhaaS), and one name that sends...
-
Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign
Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next...
-
Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for...
-
New PEAPOD Cyberattack Campaign Targeting Women Political Leaders
European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that...