A Threat Actor Spent Two Years to Implement a Linux Backdoor
[ad_1] A threat actor quietly spent the last two years integrating themself in the core team of maintainers of XZ Utils, a free software command-line data compressor widely used in…
How CSVs Target Devices and Applications
[ad_1] A new publication from Google’s Threat Analysis Group focuses on commercial surveillance vendors, whose services are bought by governments for monitoring or spying purposes. Google is currently tracking more…
Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More
[ad_1] The Federal Bureau of Investigation and Cybersecurity & Infrastructure Security Agency warned in a joint advisory about a threat actor deploying a botnet that makes use of the Androxgh0st…
Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems
[ad_1] Two zero-day vulnerabilities have been discovered in Ivanti Secure VPN, a popular VPN solution used by organizations worldwide. The vulnerabilities are currently being exploited in the wild by at…
ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware’s Prevalence
[ad_1] Risk mitigation tips are provided for each of these cybersecurity threats. Cybersecurity company ESET released its H2 2023 threat report, and we’re highlighting three particularly interesting topics in it:…
Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware
[ad_1] Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. A new report from U.S.-based cybersecurity company Proofpoint exposes a new attack…
Latest in the Financial Sector Cyber Threat Landscape
[ad_1] A new report from French-based cybersecurity company Sekoia describes evolutions in the financial sector threat landscape. The sector is the most impacted by phishing worldwide and is increasingly targeted…
Kaspersky’s Advanced Persistent Threats Predictions for 2024
[ad_1] Kaspersky’s new report provides the company’s view on the advanced persistent threats landscape for 2024. Existing APT techniques will keep being used, and new ones will likely emerge, such…
Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack
[ad_1] Any company that is strategic could be targeted for the same kind of actions as this cyberattack. Follow these tips to mitigate your company’s risk to this cybersecurity threat.…
EleKtra-Leak Campaign Uses AWS Cloud Keys Found on Public GitHub Repositories to Run Cryptomining Operation
[ad_1] In the active Elektra-Leak campaign, attackers hunt for Amazon IAM credentials within public GitHub repositories before using them for cryptomining. Get tips on mitigating this cybersecurity threat. Image: WhataWin…