Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
A large-scale malware campaign targeting Google Chrome and Microsoft Edge users has been uncovered by cybersecurity experts at ReasonLabs. This sophisticated attack has resulted in the installation of malicious browser extensions over 300,000 times, putting users’ data and privacy at significant risk. The Evolution of the Attack The campaign, active since 2021, has evolved from … Read more
In a significant blow to international cybercrime, the UK’s National Crime Agency (NCA) has successfully shut down Russian Coms, a prolific caller ID spoofing platform. This operation marks a crucial step in combating telephone fraud and protecting vulnerable individuals from financial exploitation. The Scale and Impact of Russian Coms Russian Coms, established in 2021, facilitated … Read more
In a groundbreaking development, researchers have created AI-powered bots capable of solving certain types of CAPTCHA challenges with unprecedented accuracy, potentially marking the end of an era for traditional human verification methods. This advancement raises significant concerns for cybersecurity experts and website administrators worldwide. The Rise of Super-Intelligent CAPTCHA-Solving Bots A team led by Andreas … Read more
Cybersecurity researchers from Graz University of Technology have unveiled a groundbreaking Linux kernel exploitation technique called SLUBStick. This novel approach significantly amplifies the impact of heap-related vulnerabilities, posing a severe threat to Linux systems’ security landscape. Understanding SLUBStick: A Game-Changer in Kernel Exploitation SLUBStick represents a paradigm shift in exploiting Linux kernel vulnerabilities. By leveraging … Read more
Cybersecurity experts are sounding the alarm about a widespread ransomware campaign orchestrated by the Magniber group. This malicious operation is specifically targeting individual users across the globe, encrypting victims’ data and demanding a ransom of $1,000 USD for file recovery. The Evolution of Magniber Ransomware Magniber first emerged in 2017, initially distributed through the notorious … Read more
In a significant development for cybersecurity, U.S. law enforcement agencies have apprehended two suspected administrators of the infamous carding marketplace WWH-Club. The arrests took place in Florida following a series of large cash purchases that raised suspicions. The Rise and Fall of WWH-Club WWH-Club, a hacking forum and marketplace operational since 2012, has been a … Read more
Cybersecurity researchers at Proofpoint have uncovered a disturbing trend: cybercriminals are increasingly exploiting Cloudflare Tunnel functionality to distribute malware, particularly Remote Access Trojans (RATs). This development has raised concerns in the cybersecurity community and sparked criticism from Spamhaus regarding Cloudflare’s response to the issue. The Rise of Cloudflare Tunnel Abuse First observed in February 2023, … Read more
In a startling revelation for the cybersecurity community, a vulnerability discovered 18 years ago, dubbed “0.0.0.0 Day,” has resurfaced as a significant threat to popular web browsers. This long-standing flaw allows malicious websites to bypass security measures in Google Chrome, Mozilla Firefox, and Apple Safari, potentially compromising user data and system integrity. Understanding the 0.0.0.0 … Read more
Cybersecurity experts from Infoblox and Eclypsium have raised alarms about a widespread DNS attack known as “Sitting Ducks” or “Ducks Now Sitting” (DNS). This sophisticated attack vector poses a daily threat to over a million domains, with researchers confirming that cybercriminals have already successfully hijacked 35,000 domains using this method. Understanding the Sitting Ducks Attack … Read more
In a significant move to bolster cybersecurity, SAP has released its August 2024 patch set, addressing a total of 17 vulnerabilities across its software suite. The most critical among these is an authentication bypass flaw that could potentially allow remote attackers to completely compromise affected systems. Critical Authentication Bypass Vulnerability in SAP BusinessObjects The authentication … Read more
