Security News > 2024 > October

New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
2024-10-03 14:15

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is...

Why your password policy should include a custom dictionary wordlist
2024-10-03 14:02

Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. [...]

Why your password policy should include a custom dictionary
2024-10-03 14:02

Utilizing a custom dictionaries helps strengthen your password policies. Learn more from Specops Software about how to build custom dictionaries in your Windows Active Directory password policy. [...]

Average North American CISO pay now $565K, mainly thanks to one weird trick
2024-10-03 14:01

Best way to boost your package is to leave, or pretend to A survey of nearly 700 CISOs in the US and Canada has found their pay has risen over the past year to an average of $565,000 and a median...

CUPS vulnerabilities could be abused for DDoS attacks
2024-10-03 13:10

While the Common UNIX Printing System (CUPS) vulnerabilities recently disclosed by researcher Simone “evilsocket” Margaritelli are not easily exploited for remote command execution on vulnerable...

North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
2024-10-03 13:00

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and...

Two British-Nigerian men sentenced over multimillion-dollar business email scam
2024-10-03 12:30

Fraudsters targeted local government, colleges, and construction firms in Texas and North Carolina Two British-Nigerian men were sentenced for serious business email compromise schemes in the US...

Weird Zimbra Vulnerability
2024-10-03 11:04

Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint...

Private US companies targeted by Stonefly APT
2024-10-03 10:49

Undeterred by the indictment issued against one of its alleged members, North Korean APT group Stonefly (aka APT45) continues to target companies in the US, Symantec threat analysts warned. About...

Ransomware crew infects 100+ orgs monthly with new MedusaLocker variant
2024-10-03 10:00

Crooks 'like a sysadmin, with a malicious slant' Exclusive An extortionist armed with a new variant of MedusaLocker ransomware has infected more than 100 organizations a month since at least 2022,...