Author: Admin

Cybersecurity researchers have found that attackers continue to find success by spoofing sender email addresses as part of various spam campaigns. Forging the sender address of an email is widely seen as an attempt to make a digital message appear more legitimate and bypass security mechanisms that might otherwise flag it as malicious. While there are safeguards such as DomainKeys Identified Mail (DKIM), Domain-based Message Authentication, Reporting and Conformance (DMARC) and Sender Policy Framework (SPF) that can be used to prevent spammers from spoofing well-known domains, these measures increasingly force them to use old, derelict domains in their activities. In doing…

January 8, 2025Hacker newsMalware / Windows Security Cybersecurity researchers have shed light on a new remote access Trojan called Non-Euclid which allows attackers to remotely control compromised Windows systems. “Developed in C#, the NonEuclid Remote Access Trojan (RAT) is a highly sophisticated malware offering unauthorized remote access with advanced evasion techniques” – Cyfirma said in a technical analysis published last week. “It uses a variety of mechanisms, including antivirus bypass, privilege escalation, anti-detection, and ransomware encryption to target sensitive files.” NonEuclid has been advertised on underground forums since at least late November 2024. with tutorials and discussions of malware discovered…

2024 saw many high-profile cyber attacks, with major companies such as Dell and TicketMaster falling victim to data breaches and other infrastructure breaches. In 2025, this trend will continue. Therefore, to be prepared for any malware attacks, every organization must know its cyber enemy in advance. Here are 5 common malware families you can start preparing against right now. Lumma: Lumma is a widely available malware designed to steal sensitive information. It has been openly sold on the Dark Web since 2022. This malware can effectively collect and extract data from targeted applications, including login credentials, financial information, and personal…

January 8, 2025Ravi LakshmananIoT Security / Compliance The US government on Tuesday announced launch of the US Cyber ​​Trust Mark, a new cybersecurity mark for consumer Internet of Things (IoT) devices. “IoT products may be susceptible to a number of security vulnerabilities,” notes the US Federal Communications Commission (FCC). said. “Under this program, qualifying consumer smart products that meet robust cybersecurity standards will carry a label, including a new ‘US Cyber ​​Trust Mark.'” As part of the effort, the logo will be accompanied by a QR code that users can scan, taking them to an information register with easy-to-understand details…

January 8, 2025Ravi LakshmananMalware / Vulnerability A variant of the Mirai botnet has been found to be exploiting a recently discovered security flaw affecting Four-Faith industrial routers since early November 2024 to launch distributed DDoS attacks. The botnet maintains around 15,000 daily active IP addresses, with the infection mostly spread across China, Iran, Russia, Turkey and the US. Using an arsenal of more than 20 known security vulnerabilities and weak Telnet credentials for initial access, the malware is known to have been active since February 2024. The botnet was named “gameboy” due to the offensive term present in the source…

January 8, 2025Ravi LakshmananVulnerability / Network Security The US Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws affecting Mitel MiCollab and Oracle WebLogic Server for its known vulnerabilities (KEV) catalog with reference to evidence of active operation. The list of vulnerabilities is as follows – CVE-2024-41713 (CVSS Score: 9.1) – Path traversal vulnerability in Mitel MiCollab that could allow an attacker to gain unauthorized and unauthenticated access CVE-2024-55550 (CVSS Score: 4.4) – Path traversal vulnerability in Mitel MiCollab that could allow an authenticated attacker with administrative privileges to read local files on the system due to insufficient…

January 7, 2025Ravi LakshmananFirmware Security / Malware Cybersecurity researchers have discovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could allow attackers to block or install persistent malware on sensitive devices. “The Illumina iSeq 100 used a very outdated implementation BIOS firmware using CSM (Compatibility Support Mode) mode and without secure boot or standard firmware write protection,” Eclypsium said in a report shared with The Hacker News. “This would allow an attacker on the system to overwrite the system’s firmware to either ‘brick’ the device or install a firmware implant for the attacker’s…

It’s time to once again pay tribute to once-famous cybersecurity solutions whose usefulness died last year. The cybercriminal world is collectively mourning the loss of these solutions and the easy access they provided to victim organizations. These solutions, though celebrated in their prime, succumbed to the twin forces of time and impending threats. Much like a tribute to the celebrities who lost their lives in the past year, this article will look back at some of the brightest stars in cyber security who died last year. 1. Outdated Multi-Factor Authentication (MFA) Cause of death: Compromised by sophisticated…

The US Cybersecurity and Infrastructure Security Agency (CISA) said on Monday that there was no indication that the cyber attack targeting the Treasury Department had affected other federal agencies. The agency said it is working closely with the Treasury Department and BeyondTrust to better understand and mitigate the breach. “The security of federal systems and the data they protect is critical to our national security,” CISA said. “We are actively working to guard against any further impacts and will provide updates as needed.” The latest statement came a week after the Treasury Department said it was the victim of…

January 7, 2025Ravi LakshmananCyber ​​attack / hacking Internet service providers (ISPs) and government organizations in the Middle East have been targeted using an updated variant of the EAGERBEE malware system. A new version of EAGERBEE (aka Tumtais) comes with various components that allow the backdoor to deploy additional payloads, enumerate filesystems, and execute shell commands, showing significant evolution. “The main plug-ins can be divided according to their functionality into the following groups: plug-in orchestrator, file system manipulation, remote access manager, process study, list of network connections and service management,” Kaspersky researchers Saurabh Sharma and Vasil Berdnikov note. said in the…
