Posts by External News-Site
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information.
Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it’s likely associated with the North Korean state-sponsored group tracked as Kimsuky.
“The malware payloads used in the DEEP#GOSU represent a
Tracking Everything on the Dark Web Is Mission Critical
On the Dark Web, stolen secrets are your enemy, and context is your friend.
Read MoreWordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
WordPress users of miniOrange’s Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw.
The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. It impacts the following versions of the two plugins –
Malware Scanner (versions
Read MoreAPT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America.
“The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated
International Monetary Fund email accounts hacked in cyberattack
The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. […]
Read MoreChinese espionage a prime concern for connected vehicles
On February 29, US President Joe Biden announced “unprecedented actions to ensure that cars on US roads from countries of concern like China do not undermine our national security.” He asked the Commerce Department to launch an advanced rulemaking (ANPRM) on connected vehicles with technology from those countries and to take action to respond to the risks.
Read MoreGoogle’s Gemini AI Vulnerable to Content Manipulation
Like ChatGPT and other GenAI tools, Gemini is susceptible to attacks that can cause it to divulge system prompts, reveal sensitive information, and execute potentially malicious actions.
Read MoreResearchers expose Microsoft SCCM misconfigs usable in cyberattacks
Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft’s Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. […]
Read MoreIncognito Darknet Market Mass-Extorts Buyers, Sellers
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.
Read MoreMicrosoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024.
“In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our