North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
Oct 16, 2024 | Ravie Lakshmanan | Zero-Day / Windows Security
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in…
From Misuse to Abuse: AI Risks and Attacks
Oct 16, 2024 | The Hacker News | Artificial Intelligence / Cybercrime
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications.
Cybercriminals and AI: The Reality vs. Hype
“AI…
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
Oct 16, 2024 | Ravie Lakshmanan | Vulnerability / Data Protection
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active…
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
Oct 16, 2024 | Ravie Lakshmanan | Cyber Attack / Banking Trojan
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. “The spear-phishing campaign’s impact…
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
Oct 16, 2024 | Ravie Lakshmanan | Enterprise Security / Vulnerability
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVS…
New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists
Oct 15, 2024 | Ravie Lakshmanan | Financial Fraud / Linux
North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is “installed on payment…
New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
Oct 15, 2024 | Ravie Lakshmanan | Malware / Cybercrime
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July…
TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
Oct 15, 2024 | Ravie Lakshmanan | Mobile Security / Financial Fraud
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN. “This new addition enables the threat actor…
Why Traditional Security Solutions Fall Short
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at…
China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns
China’s National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The agency, in collaboration with the National Engineering Laboratory…