Cybercriminals Targets Microsoft Console Files
Malicious actors are now employing a novel attack method in real-world scenarios, utilizing specially crafted Microsoft Management Console (MSC) files to enable full code execution. By exploiting vulnerabilities within the Microsoft Management Console (MMC), these actors effectively circumvent…
0 Comments4 Minutes
Google Launches Project Naptime for AI Security Discovery
Google has created a new framework called Project Naptime, which allows a large language model (LLM) to conduct vulnerability research and enhance automated discovery methods. According to Google Project Zero researchers Sergei Glazunov and Mark Brand, the Naptime architecture revolves around the…
0 Comments3 Minutes
Intel CPUs Affected by New UEFI Vulnerability
Cybersecurity experts have disclosed details about a recently patched security vulnerability in Phoenix SecureCore UEFI software, affecting various Intel Core desktop and mobile processors. You might be interested in: What to do when you get a phishing email? Known as the…
0 Comments4 Minutes
Markopolo’s Crypto Scam via Fake Meeting Software
A threat actor known as Markopolo has been identified as the mastermind behind a large-scale cross-platform Crypto Scam that utilizes information-stealing malware to target digital currency users on social media and steal cryptocurrency. You might be interested in: What to do when you get a…
0 Comments5 Minutes
Cybercriminals use free software to deploy malware.
In order to transmit a malware loader known as Hijack Loader, which then deploys an information stealer known as Vidar Stealer, threat actors are luring unsuspecting consumers by offering free or pirated versions of commercial software. “Adversaries had managed to trick users into…
0 Comments7 Minutes
ASUS Patches Multiple Router Models.
The company has addressed a significant security weakness affecting ASUS routers through the release of software upgrades. Malicious actors might exploit this flaw to circumvent authentication. The vulnerability, under the identifier CVE-2024-3080, receives a CVSS score of 9.8 out of a possible…
0 Comments4 Minutes
What to do when you get a phishing email?
So you got a suspicious email and you clicked on it. Don’t panic just yet. Phishing emails are designed to trick you into revealing sensitive information or installing malicious software on your device. They’re undoubtedly cunning, but understanding what to do next can save you from a potential…
0 Comments8 Minutes
Cryptojackers Exploit Misconfigured Kubernetes Clusters
Cybersecurity researchers have warned of an ongoing cryptojacking campaign exploiting misconfigured Kubernetes clusters to mine Dero money. Cloud security firm Wiz, which revealed the activity, stated that it is an enhanced version of a financially motivated operation previously identified by…
0 Comments3 Minutes
Apple Debuts Private Cloud Compute to Enhance AI Privacy
Apple has unveiled a “groundbreaking cloud intelligence system” named Private Cloud Compute (PCC), aimed at managing artificial intelligence (AI) workloads in the cloud while upholding privacy standards. The tech giant described PCC as the “most advanced security architecture ever…
0 Comments6 Minutes
More_eggs Malware Hidden in Fake Resumes
Cybersecurity experts have discovered a phishing attempt that distributes the More_eggs virus by masquerading as a resume, a tactic first identified more than two years ago. The attempted attack targeted an undisclosed industrial services company in May 2024, according to Canadian cybersecurity…
0 Comments6 Minutes