Security News

Researchers warn of increased malware delivery via fake browser updates
2023-10-17 10:18

ClearFake, a recently documented threat leveraging compromised WordPress sites to push malicious fake browser updates, is likely operated by the threat group behind the SocGholish "Malware delivery via fake browser updates" campaigns, Sekoia researchers have concluded. Subsequently downloaded payloads create an iframe element to host the fake update interface, then download that interface along with the fake update content and HTML page.

Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
2023-10-13 11:53

The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking...

Researchers Uncover Malware Posing as WordPress Caching Plugin
2023-10-12 09:16

Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades as a WordPress plugin to stealthily create administrator accounts and remotely control a...

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants
2023-10-12 06:20

High-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that's designed to deploy basic backdoors and loaders for delivering next-stage...

Researcher bags two-for-one deal on Linux bugs while probing GNOME component
2023-10-10 16:01

Cue files store the metadata that defines the layout of music on a CD. Given that it's often used alongside the FLAC audio format, open source audio players like Audacious are dependent on the library. The tracker-miners application initializes automatically when a file is either added or modified in a subdirectory of the home directory.

Researchers Uncover Grayling APT's Ongoing Attack Campaign Across Industries
2023-10-10 10:25

A previously undocumented threat actor of unknown provenance has been linked to a number of attacks targeting organizations in the manufacturing, IT, and biomedical sectors in Taiwan. The Symantec...

Researchers warn of 100,000 industrial control systems exposed online
2023-10-04 17:35

About 100,000 industrial control systems were found on the public web, exposed to attackers probing them for vulnerabilities and at risk of unauthorized access. Among them are power grids, traffic light systems, security and water systems.

Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware
2023-10-04 15:09

New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka...

Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection
2023-10-03 09:29

Firewall and distributed denial-of-service (DDoS) attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls, defeating the very purpose of...

Security researchers believe mass exploitation attempts against WS_FTP have begun
2023-10-02 13:45

Security researchers have spotted what they believe to be a "possible mass exploitation" of vulnerabilities in Progress Software's WS_FTP Server. Researchers at Rapid7 began noticing evidence of exploitation on 30 September across multiple instances of WS_FTP. Progress released fixes for eight separate vulnerabilities in WS_FTP on Wednesday, including one rated a maximum score of 10 on the CVSS severity scale.