Cyber Espionage Campaign Targeting Kurdish Websites Uncovered
A cyber espionage campaign targeting Kurdish websites, known as SilentSelfie, has compromised 25 sites with a watering hole attack, stealing user information and leading to the installation of a malicious Android APK.
View full story…
Solving the SIEM Problem: A Hard Reset on Legacy Solutions
Join Zuri Cortez and Seth Geftic in their webinar as they explore the evolution of SIEM, current challenges, and their innovative approach to enhancing security.
View full story…
Major UK Train Stations Hit by Offensive Islamophobic Cyber Attack
A recent cyber security incident at major UK train stations involved offensive Islamophobic messages displayed on public WiFi networks, highlighting the risks posed by insider threats.
View full story…
Chinese Hackers Target US ISPs in Cyber Espionage Campaign
Chinese nation-state threat actors, including APT groups Salt Typhoon, Flax Typhoon, and Velvet Ant, have been targeting US internet service providers as part of cyber espionage campaigns.
View full story…
Study Reveals Alarming Trend of Employees Sharing Sensitive Information with AI Tools
CybSafe and the National Cybersecurity Alliance report shows younger generations are more likely to share work information with AI tools without employer authorization, highlighting the need for enhanced digital security measures.
View full story…
Critical Vulnerabilities in Kia Vehicles Allow Remote Control Using License Plate
Security researchers discovered vulnerabilities in Kia vehicles that allowed remote control over key functions using only a license plate, affecting almost all Kia vehicles made after 2013 and exposing personal information of owners.
View full story…
New Malware Strains Identified in North Korean Threat Group Sparkling Pisces
Researchers have discovered new malware strains, KLogEXE and FPSpy, being used by the North Korean threat group Sparkling Pisces, specifically the Kimsuky group.
View full story…
Latest Cybernews
Researchers Discover New Post-Exploitation Red Team Tool Named Splinter Developed in Rust
Palo Alto Networks Unit 42 researchers have discovered Splinter, a post-exploitation red team tool with standard features commonly found in penetration testing tools, posing a potential threat if misused.
View full story…
Critical Authentication Bypass Vulnerability in Ivanti’s Virtual Traffic Manager (vTM) Appliances Identified
Remote unauthenticated attackers exploiting CVE-2024-7593 vulnerability in Ivanti vTM appliances to create new admin accounts.
View full story…
Over 3,000 Capitol Hill Staffers’ Personal Data Exposed in Data Breach
Personal data, including passwords and social media information, of over 3,000 Capitol Hill staffers leaked on the dark web, highlighting the need for enhanced cybersecurity measures.
View full story…
CrowdStrike Apologizes for Global IT Outage Caused by Flawed Software Update
CrowdStrike’s senior vice-president Adam Meyers apologizes for a flawed software update that disabled internet services on 8.5 million Microsoft Windows devices, leading to system crashes and halted business operations.
View full story…
House Homeland Security Committee Republicans Introduce Bill to Counter Chinese Cyber Threats
Legislation introduced by House Republicans aims to establish an interagency task force to combat Chinese cyber threats, focusing on hacking collectives like Volt Typhoon and Flax Typhoon.
View full story…
Transportation Companies in North America Targeted in Cyber Attack Campaign
Cyber attackers compromise legitimate email accounts to distribute malware payloads, including information stealers and remote access trojans, in a sophisticated attack possibly involving government-backed actors from Russia and China.
View full story…
Google’s Transition to Rust Programming Reduces Android Memory Safety Vulnerabilities by 52%
Google’s adoption of memory-safe languages like Rust has significantly decreased memory safety vulnerabilities in Android over a six-year period.
View full story…