June 19, 2024 | Cybernews
Threat actors are using free software as a bait to distribute malware, targeting unsuspecting consumers with pirated versions of popular software, deploying the Hijack Loader malware and Vidar Stealer information stealer through DLL side-loading techniques and AutoIt scripts, bypassing User Account Control and exploiting the CMSTPLUA COM interface for privilege escalation, ultimately adding itself to Windows Defender’s exclusion list for defense evasion, stealing sensitive credentials from web browsers, installing a bitcoin miner on compromised hosts, and utilizing ClearFake, TA571 malspam, ClickFix, Matanbuchus, DarkGate, SolarMarker, Lumma Stealer, Amadey Loader, XMRig miner, and clipper malware in various campaigns.
June 19, 2024 | Cybernews
VMware has patched critical vulnerabilities in its vSphere and Cloud Foundation products, including heap-overflow flaws in the DCE/RPC protocol and a local privilege escalation issue in vCenter, with fixes released by Broadcom.
June 19, 2024 | Cybernews
Signal Foundation’s Meredith Whittaker voices concerns over the EU’s “Chat Control” law, warning of potential impact on encryption and privacy.
June 18, 2024 | Cybernews
Meta, the parent company of Facebook, Instagram, and WhatsApp, has decided to halt training its large language models with public content from adults in the EU and EEA due to regulatory pressure and privacy concerns.
June 18, 2024 | Cybernews
ASUS releases urgent firmware updates for multiple router models to address critical security vulnerabilities, including authentication bypass and buffer overflow flaws.
June 18, 2024 | Cybernews
A data breach at the Los Angeles County Department of Public Health compromised the personal information of over 200,000 individuals, including names, dates of birth, medical records, Social Security Numbers, and financial details, highlighting the importance of cybersecurity measures in protecting sensitive information.
