Cybercriminals use free software to deploy malware.
June 18, 2024
In order to transmit a malware loader known as Hijack Loader, which then deploys an information stealer known as Vidar Stealer, threat actors are luring unsuspecting consumers by offering free or pirated versions of commercial software. “Adversaries had managed to trick users into…
0 Comments7 Minutes
ASUS Patches Multiple Router Models.
June 17, 2024
The company has addressed a significant security weakness affecting ASUS routers through the release of software upgrades. Malicious actors might exploit this flaw to circumvent authentication. The vulnerability, under the identifier CVE-2024-3080, receives a CVSS score of 9.8 out of a possible…
0 Comments4 Minutes
What to do when you get a phishing email?
June 13, 2024
So you got a suspicious email and you clicked on it. Don’t panic just yet. Phishing emails are designed to trick you into revealing sensitive information or installing malicious software on your device. They’re undoubtedly cunning, but understanding what to do next can save you from a potential…
0 Comments8 Minutes
Cryptojackers Exploit Misconfigured Kubernetes Clusters
June 12, 2024
Cybersecurity researchers have warned of an ongoing cryptojacking campaign exploiting misconfigured Kubernetes clusters to mine Dero money. Cloud security firm Wiz, which revealed the activity, stated that it is an enhanced version of a financially motivated operation previously identified by…
0 Comments3 Minutes
Apple Debuts Private Cloud Compute to Enhance AI Privacy
June 11, 2024
Apple has unveiled a “groundbreaking cloud intelligence system” named Private Cloud Compute (PCC), aimed at managing artificial intelligence (AI) workloads in the cloud while upholding privacy standards. The tech giant described PCC as the “most advanced security architecture ever…
0 Comments6 Minutes
More_eggs Malware Hidden in Fake Resumes
June 10, 2024
Cybersecurity experts have discovered a phishing attempt that distributes the More_eggs virus by masquerading as a resume, a tactic first identified more than two years ago. The attempted attack targeted an undisclosed industrial services company in May 2024, according to Canadian cybersecurity…
0 Comments6 Minutes
Urgent PHP Fix for Windows Users
June 10, 2024
Details have emerged about a major new security vulnerability in PHP that could be exploited to achieve remote code execution under certain conditions. The vulnerability, identified as CVE-2024-4577, is described as a CGI argument injection flaw affecting all PHP versions installed on the Windows…
0 Comments3 Minutes
TikTok Stars Fall Victim to Zero-Click DM Hacking
June 6, 2024
TikTok, a popular video-sharing website, has disclosed a security flaw that threat actors used to gain control of high-profile accounts on the platform. Semafor and Forbes were the first to report on the development, which outlined a zero-click account takeover effort that allows malware spread…
0 Comments5 Minutes
Python Developers Hit by Fake “Crytic-Compilers” Scam on PyPI
June 6, 2024
Cybersecurity experts discovered a malicious Python package posted to the Python Package Index (PyPI) repository intended to transmit an information stealer known as Lumma (aka LummaC2). You might be interested in: Rockwell’s Call to Disconnect ICS from Internet The package in question is…
0 Comments4 Minutes
Cox Modem Vulnerabilities Threaten Millions
June 3, 2024
Vulnerabilities in Cox modems, now patched, that permitted permission bypasses, may have been used as a springboard to gain unauthorized access to the devices and execute malicious commands. “This series of vulnerabilities demonstrated a way in which a fully external attacker, without any…
0 Comments5 Minutes