Stay up-to-date with the latest cybersecurity news and developments in the cybersecurity landscape. Be the first to know about the latest threats, current innovations, and major trends in the cyber universe. Check our Cyber News section for the freshest information.
In a shocking turn of events, Lebanon has witnessed two consecutive days of explosions targeting communication devices used by Hezbollah, a powerful Shiite political and military organization. This incident has raised significant concerns in the cybersecurity community, highlighting the potential for seemingly innocuous devices to be weaponized. The Unfolding of Events On September 17, 2024, … Read more
Cybersecurity experts have raised alarm bells over a new threat targeting the construction industry. Hackers are actively exploiting vulnerabilities in Foundation, a widely-used accounting software, by launching brute force attacks against privileged accounts on unprotected servers. The Anatomy of the Attack According to specialists at Huntress, this malicious campaign was first detected on September 14, … Read more
In a significant move to bolster its browser security, Google has announced a substantial increase in its Chrome Vulnerability Reward Program (VRP) payouts. The tech giant is now offering up to $250,000 for a single critical vulnerability, effectively doubling the previous maximum reward. This decision underscores Google’s commitment to maintaining Chrome’s security and incentivizing researchers … Read more
GitLab, a popular DevOps platform, has recently released critical security patches to address multiple vulnerabilities in its Community Edition (CE) and Enterprise Edition (EE). The most severe of these, identified as CVE-2024-6678, could potentially allow attackers to execute pipelines on behalf of any user under certain conditions. Understanding the Scope and Severity The latest security … Read more
Cybersecurity experts have raised alarms about a significant shift in the tactics of the notorious hacking group known as Librarian Ghouls. The group, previously focused on stealing confidential information through malicious email campaigns targeting office documents, has now expanded its scope to include files used by industrial system modeling and development software. Evolution of Librarian … Read more
A new ransomware-as-a-service (RaaS) operation has emerged, masquerading as the enigmatic Cicada 3301 group. This development marks a significant shift in the cybercriminal landscape, with the threat actors already claiming 19 victims on their dark web site. The Deceptive Use of Cicada 3301’s Identity The ransomware group has appropriated the name and logo of Cicada … Read more
A new and sophisticated backdoor malware, dubbed Vo1d, has infected nearly 1.3 million Android-based TV boxes across 197 countries, according to cybersecurity experts at Dr.Web. This alarming development highlights the growing vulnerability of smart home devices and the need for enhanced security measures in the Internet of Things (IoT) ecosystem. Global Impact and Distribution The … Read more
Cybersecurity researchers have unveiled a novel attack method dubbed PIXHELL, capable of extracting sensitive data from air-gapped systems using sound waves generated by LCD monitors. This groundbreaking technique, developed by Dr. Mordechai Guri and his team at Ben-Gurion University’s Cyber Security Research Center, demonstrates yet another vulnerability in what were once considered impenetrable isolated networks. … Read more
The notorious ransomware group OldGremlin has resurfaced with a new sophisticated attack targeting Russian companies, particularly in the petrochemical sector. Cybersecurity experts at FACCT have uncovered a novel tool in the group’s arsenal: OldGremlin.JsDownloader, a JavaScript-based malware downloader that marks a significant evolution in their tactics. Anatomy of the Attack: Impersonation and Deception The attack … Read more
In a significant development for cybersecurity, three individuals have admitted guilt in operating OTP.Agency, a platform that exploited social engineering tactics to bypass multi-factor authentication (MFA) systems of various UK banks and services. This case highlights the evolving threats to financial institutions and the critical need for robust security measures. The OTP.Agency Operation: A Sophisticated … Read more
