The hacker new
-
LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home computer, in what's a sobering reminder...
-
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims
A never-before-seen complex malware is targeting business-grade routers to covertly spy on victims in Latin America, Europe, and North America at...
-
Security and IT Teams No Longer Need To Pay For SaaS-Shadow IT Discovery
This past January, a SaaS Security Posture Management (SSPM) company named Wing Security (Wing) made waves with the launch of its free SaaS-Shadow...
-
New FiXS ATM Malware Targeting Mexican Banks
A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023. "The ATM malware is hidden inside...
-
New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices
A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that could...
-
U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware's Deadly Capabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory about Royal ransomware, which emerged in the threat...
-
Hackers Exploit Containerized Environments to Steal Proprietary Data and Software
A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software....
-
New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line file...
-
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The...
-
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader and...
-
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing...
-
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware "uses...