Vulnerable HTTP Report
This report identifies hosts that have the Hypertext Transfer Protocol (HTTP) service running on some port that may have a vulnerability. It currently focuses on the following vulnerabilities: Zimbra...
View ArticleBeyond File Search: A Novel Method for Exploiting the "search-ms" URI...
Threat Summary In the ever-evolving landscape of cyber threats, malware authors continuously explore new avenues to exploit unsuspecting users. The Windows operating system provides a powerful search...
View ArticleAI researchers say they’ve found a way to jailbreak Bard and ChatGPT
United States-based researchers have claimed to have found a way to consistently circumvent safety measures from artificial intelligence chatbots such as ChatGPT and Bard to generate harmful content....
View ArticleMeet Akira — A new ransomware operation targeting the enterprise
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms. Launched in March...
View ArticleNitrogen Ransomware Effort Lures IT Pros via Google, Bing Ads
Hackers are planting fake advertisements - "malvertisements" - for popular IT tools on search engines, hoping to ensnare IT professionals and perform future ransomware attacks. The scheme surrounds...
View ArticleAndroid Malware steals credentials using Optical Character Recognition
Security researchers have unearthed a rare malware find: malicious Android apps that use optical character recognition to steal credentials displayed on phone screens. The malware, dubbed CherryBlos...
View ArticlePhonyC2: Revealing a New Malicious Command & Control Framework by MuddyWater
MuddyWater is continuously updating the PhonyC2 framework and changing TTPs to avoid detection, as can be seen throughout the blog and in the investigation of the leaked code of PhonyC2. MuddyWater...
View ArticleRussian hacker infects himself through own infostealer
Nice side story: a hacker who operated in Russian-language forums since 2020 mistakenly infected his computer with malware he used, selling information to security researchers at Hudson Rock. So...
View ArticleGoogle: Android patch gap makes n-days as dangerous as zero-days
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value...
View ArticleSolarWinds Platform Deserialization of Untrusted Data Vulnerability...
The SolarWinds Platform was found to be susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary...
View ArticleCybercriminals Renting WikiLoader to Target Italian Organizations with...
Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called...
View ArticleFruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT
Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote...
View ArticleCanon warns printer users to manually wipe Wi-Fi settings before discarding
Printer manufacturer Canon is warning that sensitive Wi-Fi settings don’t automatically get wiped during resets, so customers should manually delete them before selling, discarding, or getting them...
View ArticleMac users open to Remote Control via Tricky macOS Malware; hidden VNC tool
Recently discovered data-stealing malware is targeting macOS users with a sneaky approach that uses Hidden Virtual Network Computing (hVNC). It's being sold at a lifetime price of $60,000 on the Dark...
View ArticleIranian cloud company accused of hosting cybercriminals, nation-state hackers
An Iranian technology company is providing infrastructure services to ransomware gangs and an array of nation-state hackers, researchers have found. A report released Tuesday by the cybersecurity firm...
View ArticleNew NodeStealer Variant Targeting Facebook Business Accounts and Crypto Wallets
Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business accounts as well as siphon cryptocurrency. Palo Alto...
View ArticleBulletproof hosting admins sentenced for helping cybercrime gangs
Two Eastern European men were sentenced to prison on Racketeer Influenced Corrupt Organization (RICO) charges for bulletproof hosting services used by multiple cybercrime operations to target US...
View ArticleDell hit with Oz court case for misleading prices on monitors
Dell's Australian business is in trouble with the country's consumer watchdog for allegedly misleading buyers about the price of displays purchased as an add-on with its computers. The Australian...
View ArticleBluetooth audio’s biggest upgrade in years is coming soon to headphones
We’re on the cusp of a new generation of wireless headphones that are more power-efficient, sound better, and support novel new features like being able to connect an “unlimited” number of devices to...
View ArticleBots now make up nearly half of all internet traffic
Bot traffic, and more specifically - bad bot traffic - is hitting new all-time highs, putting everyone’s cybersecurity at risk, new research has claimed. The 2023 Imperva Bad Bot Report found that in...
View Article
