Security News
Amazon has seized domains used by the Russian APT29 hacking group in targeted attacks against government and military organizations to steal Windows credentials and data using malicious Remote...
North Korean IT professionals who trick Western companies into hiring them are stealing data from the organization's network and asking for a ransom to not leak it. [...]
A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The...
A new malware called NGate allows cybercriminals to steal near field communication data from Android phones via sophisticated social engineering. The data is relayed to the fraudsters before being...
A group of suspected Chinese cyberespionage actors named 'Velvet Ant' are deploying custom malware on F5 BIG-IP appliances to gain a persistent connection to the internal network and steal data. Using the compromised F5 BIG-IP devices, the threat actors could stealthily steal sensitive customer and financial information from the company for three years without being detected.
The attack utilizes the legitimate file-syncing software SyncThing in combination with malware called SPECTR. Vermin's apparent motive is to steal sensitive information from military organizations. SyncThing establishes a peer-to-peer connection for data synchronization, which is used for stealing documents and account passwords.
The attack utilizes the legitimate file-syncing software SyncThing in combination with malware called SPECTR. Vermin's apparent motive is to steal sensitive information from military organizations. SyncThing establishes a peer-to-peer connection for data synchronization, which is used for stealing documents and account passwords.
Infosec house claims Ticketmaster, Santander hit via cloud storage Infosec analysts at Hudson Rock believe Snowflake was compromised by miscreants who used that intrusion to steal data on hundreds...
A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site scripting attacks. ResumeLooters primarily employs SQL injection and XSS to breach targeted sites, mainly job-seeking and retail shops.
Telecommunications company Comcast has confirmed a breach that exposed personal information of more than 35.8 million of Xfinity customers. CVE-2023-4966 - an information disclosure vulnerability in Citrix NetScaler ADC/Gateway devices - was disclosed on October 10, when Citrix issued a patch to fix the vulnerability.