Security News
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia...
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security...
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware. The vulnerability, tracked as...
Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. "The threat actors gathered administrator-level credentials to gain access to Cisco Nexus switches and deploy a previously unknown custom malware that allowed them to remotely connect to compromised devices, upload additional files and execute malicious code."
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to...
A threat actor tracked as Unfurling Hemlock has been infecting target systems with up to ten pieces of malware at the same time in campaigns that distribute hundreds of thousands of malicious files. Security researchers describe the infection method as a "Malware cluster bomb" that allows the threat actor to use one malware sample that spreads additional ones on the compromised machine.
A federal grand jury in Maryland returned an indictment charging a Russian citizen with conspiracy to hack into and destroy computer systems and data. According to court documents, in Jan. 2022, members of the Main Intelligence Directorate of the General Staff of the Russian Federation conspired to use a U.S.-based company's services to distribute malware known in the cybersecurity community as WhisperGate to dozens of Ukrainian government entities' computer systems and destroy those systems and related data in advance of the Russian invasion of Ukraine.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. [...]