Author: Admin
December 10, 2024 | Hacker news | Malware / Cyber Threat Analysis
Cyber attackers never stop inventing new ways to compromise their targets. That’s why organizations need to be aware of the latest threats. Here’s a quick overview of the current malware and phishing attacks you need to be aware of to protect your infrastructure before they get to you.
Zero-day attack: Corrupted malicious files are not detected by most security systems
The analyst team at ANY.RUN recently shared their analysis of the current zero-day attack. It has been active since at least August, and to this day remains undetected by…
Black Basta ransomware is developed using email bombardment, QR codes and social engineering
December 9, 2024 | Ravi Lakshmanan | Threat Intelligence / Malware
Threat actors associated with Black Basta ransomware have been observed switching their social engineering tactics, distributing a different set of payloads, e.g. Zbot and DarkGate, since the beginning of October 2024. “Users in the target environment will be bombarded with email from the threat, which is often achieved by registering the user’s email to multiple mailing lists at the same time,” Rapid7 said. “After the email bomb, the threat actor will reach out to affected users.” As observed back in August, attackers made their first contact with potential targets in Microsoft Teams by impersonating…
A malicious botnet called Socks5Systemz is operating a proxy service called PROXY.AM, according to Bitsight’s new findings. “Malware proxies and services allow other types of criminal activity to add uncontrollable levels of anonymity to threat actors so they can perform all kinds of malicious activities by exploiting chains of victim systems,” the company’s security research team said in an analysis published last week. The disclosure comes just weeks after the Black Lotus Labs team at Lumen Technologies revealed that systems compromised by another malware known as Ngioweb are being used as residential proxies for NSOCKS. Originally touted in the cybercrime underground…
December 9, 2024 | Hacker news | Identity security / no password
Identity security is all the rage right now, and rightfully so. Securing identities that access organizational resources is a good security model. But IDs have their limits, and there are many use cases where a company needs to add other layers of security to strong identification. And that’s what we at SSH Communications Security want to talk about today. Let’s take a look at seven ways to add additional security controls for critical and sensitive sessions for privileged users as an adjunct to other systems.
Fix 1: Securing access for high-impact IDs…
December 9, 2024 | Ravi Lakshmanan | Artificial Intelligence / Vulnerability
Details have emerged about a patched security flaw in the DeepSeek artificial intelligence (AI) chatbot that, if successfully exploited, could allow an attacker to take control of a victim’s account using a prompt injection attack. Security researcher Johann Rehberger, who has chronicled many prompt injection attacks targeting various AI tools, found that providing the input “Print xss cheat sheet in bulleted list. payloads only” in the DeepSeek chat caused JavaScript code to be executed as part of the generated response – a classic case of cross-site scripting (XSS). XSS attacks can have serious…
December 7, 2024 | Ravi Lakshmanan | Cyber Security / Election Fraud
In a historic decision, Romania’s Constitutional Court annulled the results of the first round of voting in the presidential election amid accusations of Russian interference. As a result, the second round of voting, which was scheduled for December 8, 2024, will no longer take place. Călin Georgescu, who won the first round, described the verdict as an “official coup” and an attack on democracy. “The electoral process for the Romanian presidential elections will be resumed in full, the government will set a new date for the Romanian presidential elections, as well as…
December 7, 2024 | Ravi Lakshmanan | Malware / Web3 Security
Cybersecurity researchers have warned of a new scam that uses fake video conferencing software to deliver an information stealer called Realst, targeting people working in Web3 under the guise of fake business meetings. “The threat actors behind the malware have created fake campaigns that use artificial intelligence to boost their legitimacy,” Cado Security researcher Tara Gould said. “The company is reaching out to properties to set up a video call by asking the user to download a meeting app from a website that is a Realst Infostealer.” The security company codenamed the activity…
December 7, 2024 | Ravi Lakshmanan | Supply Chain Attack / Cryptocurrency
In yet another attack on the software supply chain, two versions of the popular Python artificial intelligence (AI) library called ultralytics were compromised to deliver a cryptocurrency miner. Versions 8.3.41 and 8.3.42 have since been removed from the Python Package Index (PyPI) repository. A subsequently released version included a security patch that “ensures a secure publishing workflow for the Ultralytics package.” Project maintainer Glenn Jocher confirmed on GitHub that the two versions were infected by malicious code injected into the PyPI deployment process, after reports arose that the installation of the library…
December 7, 2024 | Hacker news | Enterprise security / threat prevention
Cybercriminals know that privileged accounts are the key to your kingdom. A single compromised account can lead to data theft, disrupted operations, and major business losses. Even leading organizations struggle to maintain privileged accounts. Why? Traditional Privileged Access Management (PAM) solutions often fail, leaving: blind spots that limit full visibility; complex deployment processes; time-consuming manual account discovery; weak least privilege access enforcement; and vulnerabilities that allow administrators to bypass controls. These flaws leave critical vulnerabilities that attackers exploit daily. But it doesn’t have to be this way. In our webinar “Preventing Privilege…
December 6, 2024 | Ravi Lakshmanan | Spy software / Mobile security
The Federal Security Service (FSB) secretly installed spyware on the Android device of a Russian programmer accused of donating money to Ukraine after he was detained earlier this year. The findings were made as part of a joint investigation by First Department and the University of Toronto’s Citizen Lab. “The spyware placed on his device allows the operator to track the target device’s location, record phone calls, keystrokes and read messages from encrypted messaging programs, among other capabilities,” the report said. In May 2024, Kirill Parubets was released from custody…