Security News

The China-linked advanced persistent threat group codenamed APT41 is suspected to be using an "Advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector - which is also referred to as DUSTPAN - has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in April 2024.

Recent cyberattacks targeting the nation's healthcare system have demonstrated the vulnerability of hospitals and payment systems. In January of 2024, the Department of Health and Human Services launched a healthcare cybersecurity gateway website to simplify access to the Department's healthcare-specific cybersecurity information and resources and published voluntary Healthcare and Public Health Cybersecurity Performance Goals designed to help healthcare institutions plan and prioritize high-impact cybersecurity practices.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

With Windscribe VPN, you can improve your security online by blocking ads, covering your browsing data and blocking your network behind a firewall. Normally, a Windscribe VPN Three-Year Pro Subscription would be $207, but you can get it for the best price online of $69.97 through May 12.

There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "Not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability." On April 12, Palo Alto Networks warned about limited attacks against internet-exposed firewalls, likely by a state-backed threat actor, who managed to install backdoors, grab sensitive data, and move laterally through target organizations' networks.

A vulnerability in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. According to Censys, there are currently 9,600+ publicly-exposed CrushFTP hosts, mostly in North America and Europe.

NordPass offers both Free and Premium versions. Learn about the differences and features of each version to determine which one is right for you.

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than...

Microsoft has lifted a compatibility hold that blocked upgrades to Windows 11 23H2 after resolving an issue that caused desktop icons to move erratically when using Windows Copilot on multi-monitor systems. This known issue impacts home users running Windows 10 22H2, Windows 11 22H2, and Windows 11 23H2. It doesn't affect managed devices because Copilot for Windows has yet to roll out on enterprise systems.

GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating...