[ad_1] A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software, used in its GlobalProtect gateways, is being exploited in the wild, and no patches are available yet. Palo Alto Networks issued an alert about the flaw on April 12, 2024, thanking cybersecurity firm Volexity for discovering it. The vulnerability is a command injection vulnerability …
Palo Alto Networks Warns About Critical Zero-Day in PAN-OS Read More »
[ad_1] Threat actors distributing Raspberry Robin now use Windows Script Files (WSF) to spread the worm alongside other methods, such as USB drives. HP Threat Research identified new campaigns starting in March 2024 in which Raspberry Robin was spread through highly obfuscated Windows Script Files, using anti-analysis techniques. Raspberry Robin is a Windows worm first …
Raspberry Robin Distributed Through Windows Script Files Read More »
[ad_1] Researchers from cybersecurity firm ESET found that a recent cyber espionage campaign using the open-source malware XploitSPY targeted Android users in India and Pakistan. The campaign, which ESET named ‘eXotic Visit,’ was active between November 2021 and the end of 2023. ESET researchers observed around 380 victims of the campaign. Although they were unable …
New Android Espionage Campaign Spotted in India and Pakistan Read More »
[ad_1] Cybersecurity researchers have uncovered a significant data exposure concerning nearly 300,000 taxi passengers in the UK and Ireland. Jeremiah Fowler, in collaboration with vpnMentor, found a non-password-protected database containing personal details such as names, phone numbers and email addresses. These records, belonging to Dublin-based iCabbi, a dispatch and fleet management technology provider, were left …
Data Breach Exposes 300k Taxi Passengers’ Information Read More »
[ad_1] Apple has updated its documentation related to its warning system for mercenary spyware threats, now specifying that it alerts users when they may have been individually targeted by such attacks. The revision points out companies like NSO Group, known for developing surveillance tools like Pegasus, which state actors often use for targeted attacks on …
Apple Boosts Spyware Alerts For Mercenary Attacks Read More »
[ad_1] Threat actors are going to great lengths to ensure that malicious code hidden in legitimate-looking GitHub repositories is used by as many developers as possible, Checkmarx has warned. The security vendor’s research engineer, Yehuda Gelb, described a number of techniques deployed in a recent campaign designed to ensure these repositories appear at the top …
Threat Actors Game GitHub Search to Spread Malware Read More »
[ad_1] A critical vulnerability in the Rust standard library could be exploited to target Windows systems and perform command injection attacks. The flaw was discovered by a security engineer from Flatt Security known as RyotaK. They named it BatBadBut, reported it to the CERT Coordination Center (CERT/CC) and published an analysis on April 9, 2024. …
Windows: New ‘BatBadBut’ Rust Vulnerability Given Highest CVSS Score Read More »
[ad_1] A new report has found workplace experiences of women are dramatically worse than that of their male counterparts including in areas of respect and exclusion. These findings came from the first annual State of Inclusion Benchmark in Cybersecurity assessment, which has been published by Women in Cybersecurity (WiCyS) in partnership with DEI firm Aleria. …
Women Experience Exclusion Twice as Often as Men in Cybersecurity Read More »
[ad_1] New vulnerabilities were discovered in LG TVs that would allow unauthorized access to the devices’ root systems, potentially exposing thousands of devices worldwide. The discovery, made as part of Bitdefender’s ongoing audit of popular Internet of Things (IoT) hardware, focuses on vulnerabilities within WebOS versions 4 through 7 utilized in LG TVs. The identified issues …
[ad_1] The threat actor TA547 has been observed targeting German organizations with the known stealer Rhadamanthys. According to a recent report from Proofpoint, this is the first time this threat actor has been associated with such activity. What’s particularly intriguing according to the researchers is the actor’s apparent employment of a PowerShell script likely generated …
Rhadamanthys Malware Deployed By TA547 Against German Targets Read More »