The operator of the HelloKitty ransomware program has announced a rebranding to HelloGookie and has released passwords for previously leaked source codes of CD Projekt RED, information about Cisco networks, as well as decryption...
Users of the CrushFTP file transfer software are strongly advised to upgrade to the latest version following the discovery of a vulnerability that has been subject to targeted exploitation. CrushFTP has issued a warning...
Palo Alto Networks has disclosed details of a critical vulnerability in the PAN-OS that has been actively exploited. The vulnerability designated CVE-2024-3400 with a CVSS score of 10.0, arises from a combination of two...
A recently uncovered cyberattack has impacted the technological, scientific, and governmental sectors across the Asia-Pacific region. The attack has been attributed to the hacker group BlackTech, known for its sophisticated methods of obfuscating its...
The MITRE Corporation, a non-profit organization, has disclosed that in January 2024, a sophisticated, state-sponsored hacker group infiltrated its systems by chaining together two zero-day exploits in the Ivanti VPN. The incident was initially...
From June 2023 to February 2024, specialists from Sophos‘s cyber intelligence division identified 19 different types of ransomware being offered for sale on four dark web forums for relatively modest sums, ranging from $20...
Cisco has released updates to address a critical vulnerability in its Integrated Management Controller, which allows local attackers to elevate their privileges to the administrator level. “A vulnerability in the CLI of the Cisco...
Researchers from the University of Illinois at Urbana-Champaign recently published a study demonstrating that OpenAI’s artificial intelligence model, GPT-4, is capable of independently exploiting vulnerabilities in real systems once it receives detailed descriptions of...
A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...
At the end of last year, a major American automobile manufacturer, whose name has not been disclosed, fell victim to a targeted attack orchestrated by the hacker group FIN7. According to researchers from BlackBerry,...
Forescout has detected a new campaign exploiting a vulnerability in Fortinet FortiClient EMS devices to disseminate malware. The SQL injection vulnerability, CVE-2023-48788 (CVSS score: 9.8), enables unauthorized attackers to execute code through specially crafted...
A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...
Since 2015, certain Ukrainian government networks have remained infected with a malicious program known as OfflRouter. Researchers from Cisco Talos have analyzed over 100 infected documents, which enabled them to identify the virus’s ongoing...
American mobile service providers T-Mobile and Verizon have been besieged by a wave of cybercriminal attacks, wherein employees are bombarded with messages on both personal and work phones offering financial incentives for engaging in...
Fortinet reports that malicious actors continue to exploit a year-old vulnerability in TP-Link routers, incorporating them into various botnets for conducting DDoS attacks. The command injection vulnerability, CVE-2023-1389 (CVSS score: 8.8), was identified at...
In the first quarter of 2024, the Philippines witnessed a sharp increase in cyberattacks amid escalating tensions in the South China Sea, as reported by Resecurity. Compared to the same period last year, the...
