Author: Admin

December 30, 2025Ravi LakshmananCyber ​​Security / Compliance Office for Civil Rights (OCR) of the US Department of Health and Human Services (HHS). proposed new cybersecurity requirements for healthcare organizations to protect patient data from potential cyberattacks. The proposal, which seeks to change the Health Insurance Portability and Accountability Act (HIPAA) of 1996, is part of a broader initiative to strengthen the cybersecurity of critical infrastructure, according to OCR. The rule is intended to strengthen the protection of electronic protected health information (ePHI) by updating the HIPAA Security Rule standards to “better address the ever-increasing cybersecurity threats to the healthcare sector.”…

December 30, 2025Hacker newsBrowser Security / GenAI Security The news made headlines last weekend a broad attack campaign targeting browser extensions and injecting them with malicious code to steal user credentials. Currently, more than 25 extensions with an installed base of more than two million users have been found to be compromised, and customers are currently working to determine their impact (LayerX, one of the companies involved in protection against malicious extensions, offers a free service to audit and remediate the exposure of organizations – click to register here). While this is not the first attack targeting browser extensions, the…

December 29, 2025Ravi LakshmananEndpoint Protection / Browser Security The new attack campaign targeted popular Chrome browser extensions, leading to the hacking of at least 16 extensions and exposing more than 600,000 users to data exposure and credential theft. The attack targeted browser extension publishers in the Chrome Web Store via a phishing campaign and used their access rights to inject malicious code into legitimate extensions to steal users’ cookies and access tokens. Cybersecurity firm Cyberhaven was the first company exposed. December 27 Cyberhaven opened that the threat actor compromised his browser extension and injected malicious code to communicate with an…

December 28, 2024Ravi LakshmananVulnerability / Threat Intelligence According to new VulnCheck findings, a high-severity flaw affecting select Four-Faith routers is being exploited in the wild. Vulnerability, tracked as CVE-2024-12856 (CVSS Score: 7.2), has been described as an operating system (OS) command implementation bug affecting router models F3x24 and F3x36. The vulnerability is less severe because it only works if a remote attacker can successfully authenticate. However, if the default credentials associated with the routers have not been changed, this may result in unauthenticated OS commands. In the attack detailed by VulnCheck, unknown threat actors were found to use default router…

December 27, 2024Ravi LakshmananCryptocurrency / Cyber ​​Espionage The North Korean threat actors behind the ongoing Contagious Interview campaign have been spotted releasing a new JavaScript malware called OtterCookie. Contagious interview (aka Deceptive development) refers to an ongoing attack campaign that uses social engineering lures, with a hacking team often posing as recruiters to trick potential job seekers into downloading malware under the guise of an interview process. This involves spreading malware programs for video conferencing or Packages npm either hosted on GitHub or in the official package registry, opening the way for malware such as BeaverTail and InvisibleFerret to be…

December 27, 2024Ravi LakshmananCyber ​​attack / data theft A threat actor known as Cloud atlas a previously undocumented malware called VBCloud was seen being used in cyberattack campaigns targeting “several dozen users” in 2024. “Victims are infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malicious code,” Kaspersky researcher Oleg Kupreev said in an analysis published this week. More than 80% of the objects were located in Russia. A smaller number of victims was reported from Belarus, Canada, Moldova, Israel, Kyrgyzstan, Turkey and Vietnam. Cloud Atlas is also…

December 27, 2024Ravi LakshmananBotnet / DDoS attack Cybersecurity researchers are warning of a surge in malicious activity involving vulnerable D-Link routers in two different botnets, Mirai variant named FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. “These botnets are often propagated through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via the GetDeviceSettings action in the HNAP (Home Network Administration Protocol) interface,” Vincent Lee, researcher at Fortinet FortiGuard Labs. said in Thursday’s analysis. “This HNAP flaw was first discovered nearly a decade ago when numerous devices were affected by various CVE numbers, including CVE-2015-2051, CVE-2019-10891, CVE-2022-37056and…

December 27, 2024Ravi LakshmananFirewall Security / Vulnerability Palo Alto Networks has disclosed a high-severity vulnerability that affects the PAN-OS software and could cause a Denial of Service (DoS) condition on sensitive devices. The vulnerability, tracked as CVE-2024-3393 (CVSS score: 8.7), affects PAN-OS versions 10.X and 11.X, as well as Prisma Access with PAN-OS versions. It was addressed in PAN-OS 10.1.14-h8, PAN-OS 10.2.10-h12, PAN-OS 11.1.5, PAN-OS 11.2.3, and all later versions of PAN-OS. “A denial-of-service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of…

December 27, 2024Ravi LakshmananSoftware Vulnerability / Security The Apache Software Foundation (ASF) has released patches to address a maximum-level vulnerability in the MINA A Java network application framework that can lead to remote code execution under certain conditions. Tracked as CVE-2024-52046the vulnerability has a CVSS score of 10.0. This affects versions 2.0.X, 2.1.X, and 2.2.X. “The ObjectSerializationDecoder in Apache MINA uses Java’s own deserialization protocol to handle incoming serialized data, but it lacks the necessary security checks and safeguards,” project staff said in a recommendation published on December 25, 2024. “This vulnerability allows attackers to exploit the deserialization process by…

December 26, 2024Ravi LakshmananCybercrime / Ransomware A Brazilian national has been indicted in the United States for allegedly threatening to release data stolen in a March 2020 hack of a company’s network. Junior Barros de OliveiraA 29-year-old man from Curitiba, Brazil, was charged with four counts of extortion threats related to information obtained from protected computers and four counts of threatening communications, US Department of Justice (DoJ) said in an unsealed indictment earlier this week. The computers of the named victim, a Brazilian subsidiary of a New Jersey company, were hacked by the defendant, who then used the access to…
