Category: Information Security

Spy Pet

Discord Messages for Sale: Spy Pet Raises Alarms

A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...

SoumniBot

SoumniBot: Android Malware with Evasive Tactics

A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...

OfflRouter virus

Warning: Infected Documents Target Ukraine

Since 2015, certain Ukrainian government networks have remained infected with a malicious program known as OfflRouter. Researchers from Cisco Talos have analyzed over 100 infected documents, which enabled them to identify the virus’s ongoing...

Condi botnet

Critical TP-Link Flaw Under Attack: Update Now

Fortinet reports that malicious actors continue to exploit a year-old vulnerability in TP-Link routers, incorporating them into various botnets for conducting DDoS attacks. The command injection vulnerability, CVE-2023-1389 (CVSS score: 8.8), was identified at...

CVE-2024-31497

CVE-2024-31497: PuTTY Exploit Endangers Data

The developers of PuTTY are issuing a warning about a critical vulnerability affecting versions 0.68 to 0.80, which could potentially allow an attacker to completely reconstruct private NIST-P521 keys. The vulnerability, identified as CVE-2024-31497,...

WormGPT Volt Typhoon group

Global Brute-Force Attacks Spike: Cisco Issues Warning

International cybersecurity is under threat following a discovery by Cisco Talos experts of a large-scale credential stuffing campaign targeting VPN and SSH services of companies including Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti. The campaign...

Muddled Libra

Cloud Under Siege: Muddled Libra Shifts Tactics

Palo Alto Networks’ Unit 42 reports that the cybercriminal group Muddled Libra is actively targeting cloud applications and cloud service providers in a bid to steal confidential data. According to the report, the attackers...

TA558

TA558 Attacks Surge: 320+ Organizations Targeted

Recently, the cybercriminal group TA558 has significantly increased its malicious activities, attacking organizations worldwide with various types of malware. Security specialists from Positive Technologies have identified over 320 attacks carried out by this group....

Omni Hotels cyberattack

Omni Hotels Hacked: Daixin Gang Demands Ransom

The cybercriminal group Daixin Team has claimed responsibility for the recent attack on the Omni Hotels & Resorts network and threatens to release confidential customer information unless a ransom is paid. Omni Hotels operates...

LockBit 3.0 builder

Kaspersky Warns: LockBit 3.0 Leak Makes Ransomware Worse

The latest study by Kaspersky Lab delves into the ramifications of the LockBit 3.0 builder leak that occurred in 2022. This event significantly empowered cybercriminals to create highly customizable malicious software versions, enhancing the...

Salt Typhoon Kansas State University cyberattack

Third-Party Breach Exposes Cisco Duo MFA Data

A third-party company responsible for the telecommunication services used in Cisco Duo’s multi-factor authentication (MFA) system was subjected to a cyberattack employing social engineering tactics. Consequently, Cisco has urged its clients to exercise extreme...