Security news that informs and inspires

All Articles

2314 articles:

Microsoft Spoofing Flaw Exploited in Infostealer Attacks

More details have emerged about attacks leveraging the Microsoft flaw that was disclosed and patched last week.

Exploit

New Version of BeaverTail macOS Malware Identified

A new, native macOS version of the BeaverTail malware used by North Korean state-sponsored attackers has veen identified by researchers.

Malware, North Korea

AT&T: Threat Actors Compromised ‘Nearly All’ Customer Phone, Text Records

AT&T said threat actors had accessed an AT&T workspace on a third-party cloud platform and were able to exfiltrate customer call and text records.

Data Breach

SSH-Snake Tool Used in Data Exfiltration Attacks

A new threat actor is finding success in relying on open-source software (OSS) security tools and a networking mapping tool called SSH-Snake in its campaigns.

Open Source

Citrix Warns of Critical NetScaler Console Flaw

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Citrix are urging users and administrators to apply updates for the flaw.

Citrix

US, Australian Governments: APT40 Poses Ongoing Threat

APT40 has jumped on these flaws days or even hours within public release, warned a new advisory by CISA, the Australian government and others.

Apt40

How to Unearth Ransomware, Infostealer Trends From Malicious Domain Data

Ben Nahorney, threat intelligence analyst with Cisco, talks about how his team digs into malicious DNS activity to unearth new insights about how threat actors are using infostealers, ransomware and trojans.

Video

New OpenSSH CVE-2024-6409 Flaw Emerges

A week after the disclosure of the regreSSHion CVE-2024-6387 flaw in OpenSSH, researchers have found a related flaw (CVE-2024-6409) in some recent versions of the library.

Openssh

Decipher Podcast: Chris Hughes

Chris Hughes, co-founder of Aquia and a Cyber Innovation Fellow at the Cybersecurity and Infrastructure Security Agency, joins Dennis Fisher to talk about the challenges of supply chain security, working with the government to address systemic issues, and the importance of collaboration.

Podcast, Government, CISA

New Eldorado Ransomware Hits Windows, Linux Systems

Researchers have discovered the Eldorado group, which they said has developed and deployed a “highly effective” ransomware builder used to target both Windows and Linux systems.

Ransomware

TeamViewer Ties Cyberattack to Russian APT29 Group

After disclosing a security incident on Thursday, remote access software company TeamViewer on Friday said that the attack was “tied to credentials of a standard employee account” within its Corporate IT environment.

Credentials

Exploit Code Released For Fortra SQL Injection Bug

Fortra disclosed a critical-severity SQL injection flaw in FileCatalyst Workflow, and researchers have also published a proof-of-concept exploit code for the bug.

Proof of Concept, Flaw

Researchers Warn of Widespread Polyfill Supply Chain Attack

The popular polyfill.io JavaScript library has been used to inject malicious code into thousands of sites in the last few days.

Vulnerabilitiy, Supply Chain Security

Cisco Talos: How Threat Actors Target MFA

According to the latest Cisco Talos Incident Response Quarterly Trends report, instances related to MFA were involved in some capacity in half of all security incidents that the Talos team responded to in the first quarter of 2024.

Video, Identity

Critical MOVEit Authentication Bypass Flaws Fixed

The flaws include a critical-severity MOVEit Transfer authentication bypass bug (CVE-2024-5806).

Flaw