Security News
Seemingly most critically, the [Russian] government told the ECHR that any intrusion on private lives resulting from decrypting messages was "Necessary" to combat terrorism in a democratic society. To back up this claim, the government pointed to a 2017 terrorist attack that was "Coordinated from abroad through secret chats via Telegram." The government claimed that a second terrorist attack that year was prevented after the government discovered it was being coordinated through Telegram chats.
The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar...
Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor. RustDoor was first documented by Bitdefender last week,...
The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in...
Security researchers have identified and analyzed new malware they call TinyTurla-NG and TurlaPower-NG used by the Russian hacker group Turla to maintain access to a target's network and to steal sensitive data. According to the researchers, TinyTurla-NG is actively targeting multiple NGOs in Poland.
Hackers are actively exploiting a vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA to inject a "Previously unknown and interesting backdoor" dubbed DSLog. Ivanti disclosed CVE-2024-21893 - a server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure, Policy Secure and Neurons for ZTA - in late January, when it issued patches for affected devices.
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That's...
Hackers are exploiting a server-side request forgery vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. The flaw impacts the SAML component of the mentioned products and allows attackers to bypass authentication and access restricted resources on Ivanti gateways running versions 9.x and 22.x. The updates that fix the problem are Ivanti Connect Secure versions 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2, 22.5R1.1 and 22.5R2.2, Ivanti Policy Secure version 22.5R1.1, and ZTA version 22.6R1.3.
Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023.The backdoor codenamed “RustDoor” by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.
An unnamed Islamic non-profit organization in Saudi Arabia has been targeted as part of a stealthy cyber espionage campaign designed to drop a previously undocumented backdoor called Zardoor....