
Cyber Security News
APT Hackers Behind SysJoker Attacking Critical Industrial Sectors
SysJoker malware was initially discovered to be used by the APT group dubbed "WildCard" and was targeting the educational sector of Israel.
The Hacker News
A vulnerability in Microsoft Access that could be exploited to leak a Windows user’s NTLM tokens.
Bleeping Computer
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
Infosecurity News
CPR said the malware now uses OneDrive instead of Google Drive for storing dynamic C2 server URLs
Latest Hacking News
Researchers caught a new campaign from the notorious Konni RAT malware exploiting malicious Word files. The threat actors distribute the malware via malicious macros embedded in Word files that infect the target systems.
Bleeping Computer
Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform.
Cyber Security News
SysJoker malware, a multi-platform backdoor with several variants for Windows, Linux, and Mac, has been observed being used by a Hamas-affiliated APT to target Israel. This malware was first identified by Intezer in 2021 and was recently used in targeted attacks. Check Point researchers disclosed the malware’s growth, variations in the intricacy of its execution flow, and […]
The Record
Cybersecurity companies Check Point and Intezer analyzed what appears to be a rewrite of backdoor malware that targeted Israel's education sector as early as 2021.
Bleeping Computer
A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language.
Bleeping Computer
The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware.
The Hacker News
A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory.
Security Affairs
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
The Hacker News
Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict
Infosecurity News
Blackwing researchers bypass the authentication system
Cyber Security News
A HrServ web shell is a malicious script or program that enables remote administration of a server, allowing unauthorized access and control.
Security Affairs
Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of ClearFake campaign.
The Hacker News
Threat actor Konni, potentially tied to North Korea, deploys RAT in cyber espionage using Russian Word doc, exploiting WinRAR flaw.
Cyber Security News
Atomic Stealer delivered a fake browser update chain tracked as ‘ClearFake’ to attack Mac users. Reported by Malwarebytes.
Infosecurity News
The UK’s NCSC and South Korea’s NIS issued a joint advisory describing some of North Korean hackers’ tactics in deploying supply chain attacks
Cyber Security News
A new attack chain campaign has been discovered which involves the exploitation of CVE-2023-36884 and CVE-2023-36584.
Cyber Security News
10 vulnerabilities are patched, including six 'High Severity' issues and two moderate and low severity issues.
CyberNews
Nassau Bay has admitted to having suffered a ransomware attack, leaving more than 8,000 affected.
Cyber Security News
Microsoft released multiple security patches as part of their Patch Tuesday in which three zero-day vulnerabilities were also patched.
Trend Micro
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
DarkReading
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.
Bleeping Computer
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.
Bleeping Computer
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday.
The Hacker News
🔒 Multiple vulnerabilities found in laptop fingerprint sensors—allowing attackers to bypass Windows Hello authentication on Dell, Lenovo, and Microso
SecurityWeek
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
The Hacker News
North Korean hackers posing as recruiters infect software developers with cross-platform malware.
CyberNews
A data-stealing program that targets Mac operating systems (OS) is being distributed by means of fake web browser updates.
The Hacker News
macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.
The Hacker News
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
Ars Technica
LitterDrifter's means of self-propagation are simple. So why is it spreading so widely?
Trend Micro
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
Bleeping Computer
Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions.
DarkReading
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
DarkReading
No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage.
CyberNews
Sam Altman and OpenAI's board have opened up discussions to bring back the former CEO and founder of the AI startup, while investors seek legal action.
Bleeping Computer
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.
Infosecurity News
Fortinet researchers have detected a malicious Word document displaying Russian text
Cyber Security News
Rhysida, a new ransomware group, hit its first victim in May 2023. They use their ransomware, offered as RaaS (Ransomware-as-a-Service), with at least 50 global victims listed on their website.
Cyber Security News
An attack campaign that installs XMRig Coinminer on Windows web servers that run on Apache has been discovered recently.
CyberNews
The Russian-affiliated threat actor Play ransomware gang is now a service for sale, according to cybersecurity analyst Adlumin.
SecurityWeek
Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.
The Hacker News
Phishing attacks are getting smarter! Cybercriminals are now using QR codes, CAPTCHAs, and steganography to trick victims. Learn how to stay safe.
DarkReading
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
Bleeping Computer
A recently discovered worm that researchers call LitterDrifter has been spreading over USB drives, infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
Bleeping Computer
A new Phobos ransomware variant frames the popular VX-Underground malware-sharing collective, indicating the group is behind attacks using the encryptor.
Bleeping Computer
Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory.
Latest Hacking News
Researchers have found numerous security vulnerabilities in Google Workspace that risk breaches. While the vulnerabilities pose a serious threat to the users, Google denies fixing the bugs as they do not match with Google’s threat
Bleeping Computer
The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software - the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox.
Cyber Security News
Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading.
SecurityWeek
Yamaha Motor discloses ransomware attack impacting the personal information of its Philippines subsidiary’s employees.
Security Affairs
8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks.
Cyber Security News
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
Bleeping Computer
Microsoft announced a new policy that allows admins to control how optional updates are deployed on Windows 10 enterprise endpoints on their networks.
DarkReading
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
Bleeping Computer
The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle.
Security Affairs
US CISA added 3 vulnerabilities (tracked as CVE-2023-36584, CVE-2023-1671, and CVE-2023-2551) to its Known Exploited Vulnerabilities catalog.
The Hacker News
Beware of fake Python libraries! 27 malicious packages found on PyPI, disguised as legitimate ones.
The Hacker News
U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild.
Ars Technica
Group tells SEC that the victim is in violation for not reporting it was hacked.
The Record
In a recent campaign, the hacking group tracked as UAC-0050 attempted to spread the Remcos remote access tool, according to research by Ukraine's computer emergencies response team (CERT-UA).
Ars Technica
Some changes will arrive for non-EU users, too, but not the easy removals.
Bleeping Computer
MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals.
Bleeping Computer
Microsoft will roll out the Copilot AI-powered assistant to Windows 10 systems enrolled in the Insider Program over the coming months.
Ars Technica
Microsoft wants you in Windows, whether you're on iPad, Android, or Chrome OS.
Latest Hacking News
This week marked the Redmond giant Microsoft’s monthly security updates for its products. With Patch Tuesday November, Microsoft addressed fewer vulnerabilities – over 60 only, including five zero-day flaws.
The Hacker News
DarkCasino: From Zero-Day Exploit to APT Threat! Cybersecurity experts classify DarkCasino as a powerful APT group after exploiting a WinRAR flaw
Cyber Security News
Google Chrome Stable Channel Update for Desktop version 119.0.6.45.159 for Mac and Linux and 119.0.6045.159/.160 for Windows.
The Hacker News
U.S. agencies warn of Rhysida ransomware double extortion attacks on multiple industries, including education, manufacturing and IT.
The Hacker News
Novel attack methods targeting Google Workspace & Cloud Platform could enable ransomware and data breaches.
Cyber Security News
This new vulnerability is based on 3 main things of Kubernetes such as Windows nodes Kubernetes, in-tree plugins, CSI, & persistent volumes.
Cyber Security News
Wireshark is a popular open-source network protocol analyzer that is primarily used by security experts and network administrators.
Security Affairs
The FBI and CISA warn of attacks carried out by the Rhysida ransomware group against organizations across multiple industry sectors.
Cyber Security News
Microsoft has released its security patches for Nov 2023. Nearly 58 flaws and 5 zero-day vulnerabilities have been patched by Microsoft.
Bleeping Computer
Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts.
Ars Technica
Microsoft: "Soon there will be a Copilot for everyone and for everything you do."
Bleeping Computer
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
The Hacker News
U.S. Government Dismantles Global IPStorm Botnet Network! From Windows to Linux, Mac, and Android, the botnet turned infected devices into proxies for
Cyber Security News
The FBI has achieved a remarkable feat in the fight against cybercrime, dismantling the infamous IPStorm botnet network.
Infosecurity News
Nitrogen serves as initial-access malware, using obfuscated Python libraries for stealth
SecurityWeek
US government announces the takedown of the IPStorm proxy service botnet and the guilty plea of its creator, a Russian/Moldovan national.
Cyber Security News
Hackers may exploit LNK files to deliver malicious payloads by disguising them as legitimate shortcuts and to execute malicious code.
Security Affairs
The Federal Bureau of Investigation (FBI) dismantled the infrastructure behind the illegal botnet proxy service IPStorm.
Infosecurity News
Patch Tuesday includes fixes for three actively exploited bugs
Infosecurity News
Russian-Moldovan national faces maximum 30-year jail stretch
CyberNews
FBI dismantled IPStorm botnet, its Russian-Moldovan operator pleaded guilty.
The Hacker News
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023.
Bleeping Computer
The U.S. Department of Justice announced today that the Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm.
The Record
The top cybersecurity agency in the U.S. warned that hackers are exploiting three vulnerabilities disclosed by Microsoft on Tuesday.
DarkReading
Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet.
Security Affairs
Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild.
SecurityWeek
The bug carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports.
SecurityWeek
Redmond’s security response team flags two vulnerabilities -- CVE-2023-36033 and CVE-2023-36036 -- already being exploited in the wild.
Bleeping Computer
Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
Bleeping Computer
Microsoft has released the KB5032190 cumulative update to fix security vulnerabilities in Windows 11. This is the first Patch Tuesday update with access to Windows 11 Moment 4 features, provided you turn on the "Get latest updates" toggle.
Bleeping Computer
Microsoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues.
SecurityWeek
Adobe patches 72 security bugs and calls special attention to code-execution defects in the widely deployed Acrobat and Reader software.
SecurityWeek
Zip Security raised $7.7 million in funding led by General Catalyst, co-led by Human Capital, and with participation from Box Group.
Cyber Security News
Metasploit is an open-source penetration testing framework created by Rapid7 that enables security professionals to simulate attacks against computer systems, networks, and applications.
DarkReading
The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago.
SecurityWeek
Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks.
Cyber Security News
Cybersecurity researcher Aziz Farghly recently discovered an infostealer, "Stealc." Plymouth has promoted Stealc, a new non-resident stealer
The Hacker News
Vietnamese hackers behind Ducktail malware launch a new campaign targeting Indian marketing pros.
The Record
Targets in Azerbaijan and Italy bore the brunt of the operation by the Kremlin-backed hackers of APT29, also known as Cozy Bear, according to Ukraine's National Cyber Security Coordination Center.
The Record
The leading cybersecurity agencies in the U.S. released startling new data on the Royal ransomware gang on Monday, confirming previous reports that the gang may be preparing for a rebrand.
The Record
The FBI dismantled the IPStorm botnet proxy network and its infrastructure this week following a September plea deal with the hacker behind the operation.
Bleeping Computer
Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems.
Cyber Security News
The ongoing conflict between Israel and Hamas has taken a new turn as cyberattacks have become a prominent weapon for both sides.
CyberNews
Cyber assaults on the aviation sector carry more serious repercussions than mere data theft or DDoS attacks.
The Hacker News
Researchers warn of BiBi-Windows Wiper, a dangerous Windows version of a wiper malware used in cyber attacks on Israel.
Bleeping Computer
Microsoft is gearing up to roll out an update for Windows 11 that will significantly enhance user control over built-in apps. In the upcoming version, you will be able to uninstall a wider range of inbox apps.
Bleeping Computer
Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms.
Bleeping Computer
Microsoft Edge's latest Canary update has an innovative feature: video translation. This feature translates YouTube videos in real-time, and it allegedly supports four languages.
Bleeping Computer
Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop.
Cyber Security News
Best Free Digital Forensic Tools: 1. Sleuth Kit (+Autopsy) 2. Forensic Investigator 3. Autopsy 4. Dumpzilla 5. X-Ways Forensics.
Cyber Security News
Cybersecurity researchers at Malwarebytes recently identified a malicious campaign that mimics the WindowsReport.com portal.
Cyber Security News
Microsoft Access is a relational database management system developed by Microsoft that allows users to store and manage data.
Cyber Security News
SysAid disclosed a zero-day which was affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability.
Cyber Security News
Best Google Alternatives: 1. DuckDuckGo 2. Search Encrypt 3. Qwant 4. Startpage 5. Mojeek 6. Bing 7. Gibiru 8. Ask 9. SearX 10. Yahoo!
Cyber Security News
Developers at PortSwigger released a new version of Burp Suite for ethical hackers and security professionals, Burp Suite 2023.10.3.4.
Bleeping Computer
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool.
Bleeping Computer
Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, allowing administrators more time to upgrade or migrate to Azure.
CyberNews
A threat actor copied a legitimate Windows news website to deliver an infostealer for the CPU-Z processor tool.
Cyber Security News
SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.
Cyber Security News
Attackers have been observed spreading malicious Python packages disguised as legitimate obfuscation tools that contain malicious code.
Cyber Security News
Cyber forensic tools play a crucial role in cyber investigations by helping investigators to collect, analyze, and preserve digital evidence.
The Hacker News
Iranian hacker group Imperial Kitten launches cyberattacks on transportation, logistics, and tech sectors, including Israel.
DarkReading
Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.
Bleeping Computer
Microsoft publicly acknowledged a known issue causing Windows Server 2022 virtual machine (VM) blue screens and boot failures on VMware ESXi hosts.
Infosecurity News
Kaspersky said the primary focus of these actors is cyber-espionage and information gathering
Bleeping Computer
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware.
The Hacker News
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
Bleeping Computer
Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others.
Bleeping Computer
Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build.
Ars Technica
Packages downloaded thousands of times targeted people working on sensitive projects.
The Hacker News
Python developers, watch out! Malicious Python packages sneak onto PyPI to steal sensitive data.
Computerworld
Microsoft has brought biometric sign-in to Windows 10 business and enterprise users with Windows Hello for Business. Here’s how it works and how to deploy it to your users.
Cyber Security News
Four new zero-day vulnerabilities have been identified in Microsoft Exchange with server-side request forgery and remote code execution.
Bleeping Computer
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets.
DarkReading
Kim Jong-Un's hackers are scraping the bottom of the barrel, using script kiddie-grade malware to steal devalued digital assets.
Cyber Security News
Millenium-RAT, a sophisticated Remote Access Tool (RAT) for Windows systems, is now available for purchase on GitHub.
The Hacker News
Pakistani threat actor SideCopy exploiting recent WinRAR vulnerability in attacks on Indian government entities.
Ars Technica
Novel-sized context window, DALL-E 3 API, more announced on OpenAI DevDay 2023.
Latest Hacking News
After inadvertently becoming the vector to spread malware several times, Discord has devised a strategy to prevent it. Reportedly, Discord now switches to temporary CDN links for all files, preventing abuse of its network.
The Hacker News
Google warns of hackers exploiting its Calendar service to host command-and-control (C2) infrastructure.
Cyber Security News
The recently disclosed Apache ActiveMQ remote code execution (RCE) flaw, CVE-2023-46604 is being exploited to spread ransomware.
The Record
Hackers suspected of being tied to Iran’s government have been deploying new destructive malware against Israeli organizations, according to recent research.
Trend Micro
Explore the world of zero day threats and gain valuable insight into the importance of proactive detection and remediation.
Bleeping Computer
A proxy botnet called 'Socks5Systemz' has been infecting computers worldwide via the 'PrivateLoader' and 'Amadey' malware loaders, currently counting 10,000 infected devices.
Cyber Security News
Welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
The Hacker News
StripedFly, a stealthy malware posing as a crypto miner, has infected over a million devices worldwide and has flown under the radar for 5 years.
CSO
Fake folders and remote access tools are part of the MuddyWater advanced persistent threat (APT) espionage group’s latest campaign against Israeli targets, according to cybersecurity firm Deep Instinct.
DarkReading
Posing as fellow engineers, the North Korean state-sponsored cybercrime group Lazarus tricked crypto-exchange developers into downloading the hard-to-detect malware.
Bleeping Computer
Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
The Hacker News
Cybercriminals are using compromised business accounts to lure victims with "revealing photos of young women," distributing NodeStealer malware.
Cyber Security News
Apache ActiveMQ servers exposed to the internet are at risk due to a critical remote code execution (RCE) vulnerability.
SecurityWeek
Redmond's new security initiative promises faster patches, better management of signing keys and products with a higher default security bar.
Infosecurity News
Deep Instinct said MuddyWater leveraged a new file-sharing service called “Storyblok”
Cyber Security News
Recent reports indicate that the Remote Desktop Manager and Devolutions Server have been affected by improper access control and Remote code execution vulnerabilities.
SecurityWeek
Zscaler identified 117 vulnerabilities in Microsoft 365’s support for SketchUp files and bypassed initial patches.
Ars Technica
No cure yet for a popular iPhone attack, except for turning off Bluetooth.
Cyber Security News
Google has released Chrome 119 to the stable channel for Windows, Mac, and Linux, along with 15 security patches.
The Hacker News
Researchers uncover vulnerabilities in 34 Windows drivers that non-privileged hackers can exploit to take control of your device and execute code.
The Hacker News
Cybersecurity experts uncover a critical flaw in Apache ActiveMQ. Hackers exploit it for ransomware attacks.
DarkReading
While Microsoft patched the issues in June, support for SketchUp appears to remain disabled in Microsoft 365.
Bleeping Computer
The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack.
Bleeping Computer
Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region.
Bleeping Computer
Microsoft says a new known issue is causing desktop icons to behave erratically on systems with multiple displays when using the Windows Copilot AI-powered digital assistant.
SecurityWeek
VMware’s Threat Analysis Unit finds 34 new vulnerable kernel drivers that can be exploited to alter or erase firmware and escalate privileges.
Cyber Security News
A new threat actor found to be associated with Iran's Ministry of Intelligence and Security IIS conducts cyberespionage campaigns.
SecurityWeek
Check Point reports that an Iranian APT has been observed using a new malware framework in targeted attacks in the Middle East.
Computerworld
John Strosahl became CEO in September when he took over from Dean Hager. We caught up with him to discuss Apple's growing role in the enterprise and the future of his company.
Cyber Security News
A new escalation vulnerability has been discovered in Kubernetes which allows threat actors to gain administrative privileges on affected pods.
SecurityWeek
Chrome 119 is rolling out to Linux, macOS, and Windows devices with patches for over a dozen vulnerabilities.
Cyber Security News
Several industrial sectors, including retail and healthcare organisations, have been attacked by the Knight ransomware organisation.
The Hacker News
Iranian threat actor "Scarred Manticore" has launched a year-long cyber espionage campaign targeting the Middle East finance, government, military.
Cyber Security News
App management encompasses each of these stages, ensuring a seamless experience for both users and admins. Let's explore how app management,
Bleeping Computer
Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts.
Bleeping Computer
This article will explore Windows 11 23H2 features, from dynamic lighting to Windows Copilot upgrades.
DarkReading
The wider availability of turnkey cyberattack kits in the criminal underground is leading to a glut of campaigns using remote access Trojans (RATs).
Bleeping Computer
Microsoft released Windows 11 23H2, the Windows 11 2023 Update, today, and you can now download an ISO image for the new version to put aside for emergencies or clean installs.
CSO
The iLeakage proof of concept targets Apple silicon devices running Safari, demonstrating techniques that improve on Spectre and Meltdown exploits and demonstrate continuing vulnerabilities in modern CPUs.
Bleeping Computer
Microsoft announced today the release of Windows 11, version 23H2, the next feature update for its operating system (also known as the Windows 11 2023 Update).
Infosecurity News
Discovered by Check Point Research (CPR) and Sygnia, the campaign peaked in mid-2023
Bleeping Computer
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.
Ars Technica
From netbooks and PDAs to ATMs, voting kiosks, and ungainly presidential phones.
DarkReading
A determination to be taken seriously as a cyber player sees the United Arab Emirates announce a series of collaborations.
Cyber Security News
MSIX packages can be distributed and installed without administrative privileges, allowing malicious software to bypass traditional security controls.
Cyber Security News
CISA has launched a new version of Logging Made Easy (LME), a free and simple log management solution for Windows-based devices.
CSO
The Ghostpulse loader, injected through MSIX packages, is a stealthy dropper that avoids detection by the victim’s scanners.
The Hacker News
Cyber criminals are using fake MSIX Windows app packages of popular software to deliver GHOSTPULSE malware loader
The DFIR Report
NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report …
Bleeping Computer
Microsoft says Windows 11 22H2 now natively supports almost a dozen additional archive formats, including RAR, 7-Zip, Tar, and GZ archives.
Ars Technica
Octo Tempest employs tactics that many of its targets aren't prepared for.
Bleeping Computer
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023.
Bleeping Computer
Microsoft shared a workaround for a known Microsoft 365 issue triggering 'Something Went Wrong [1001]' sign-in errors and making desktop applications unusable for many customers.
Bleeping Computer
The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer.