Category: Uncategorized
-

Russian Star Blizzard Shifts Tactics to Exploit WhatsApp QR Codes for Credential Harvesting [email protected] (The Hacker News)
The Russian threat actor known as Star Blizzard has been linked to a new spear-phishing campaign that targets victims’ WhatsApp accounts, signaling a departure from its longstanding tradecraft in a likely attempt to evade detection. “Star Blizzard’s targets are most commonly related to government or diplomacy (both incumbent and former position holders), defense policy or…
-

Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action [email protected] (The Hacker News)
The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust management? Forget it. It’s simply not built for today’s…
-

The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 [email protected] (The Hacker News)
You can tell the story of the current state of stolen credential-based attacks in three numbers: Stolen credentials were the #1 attacker action in 2023/24, and the breach vector for 80% of web app attacks. (Source: Verizon). Cybersecurity budgets grew again in 2024, with organizations now spending almost $1,100 per user (Source: Forrester). Stolen credentials…
-

New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits [email protected] (The Hacker News)
Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) systems. The vulnerability, assigned the CVE identifier CVE-2024-7344 (CVSS score: 6.7), resides in a UEFI application signed by Microsoft’s “Microsoft Corporation UEFI CA 2011” third-party UEFI certificate, according to a newRead…
-

Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions [email protected] (The Hacker News)
Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that’s designed to disable NT LAN Manager (NTLM) v1 can be trivially bypassed by a misconfiguration. “A simple misconfiguration in on-premise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications,” Silverfort researcher Dor Segal said in aRead…
-

Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer [email protected] (The Hacker News)
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. “In both campaigns, attackers hid malicious code in images they uploaded to archive[.]org, a file-hosting website, and used the same .NET loader to install their final payloads,” HP Wolf Security…
-
The mystery of the $75M ransom payment to Dark Angels
Post ContentRead More
-

Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws [email protected] (The Hacker News)
Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Python-based backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded…
-

Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager [email protected] (The Hacker News)
Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager (EPM), including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws…
-
ESET details UEFI Secure Boot bypass vulnerability
Post ContentRead More
