Category: Uncategorized
-
What is Extensible Authentication Protocol (EAP)?
Post ContentRead More
-

Google Exposes GLASSBRIDGE: A Pro-China Influence Network of Fake News Sites [email protected] (The Hacker News)
Government agencies and non-governmental organizations in the United States have become the target of a nascent China state threat actor known as Storm-2077. The adversary, believed to be active since at least January 2024, has also conducted cyber attacks against the Defense Industrial Base (DIB), aviation, telecommunications, and financial and legal services across the world,…
-

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn [email protected] (The Hacker News)
The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity clusters with ties to the country have been observed creating fake profiles…
-
Palo Alto Networks Management Interface Attack
Palo Alto Networks has recently disclosed two zero-day vulnerabilities, CVE-2024-0012 and CVE-2024-9474, affecting the PAN-OS firewall and other products. Both flaws, which are actively being exploited in the wild, affect the Management Web Interface. Successful exploitations allows attackers to bypass authentication and gain administrator-level access without any user interaction.Read More
-

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware [email protected] (The Hacker News)
The threat actor known as Mysterious Elephant has been observed using an advanced version of malware called Asynshell. The attack campaign is said to have used Hajj-themed lures to trick victims into executing a malicious payload under the guise of a Microsoft Compiled HTML Help (CHM) file, the Knownsec 404 team said in an analysis…
-

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign [email protected] (The Hacker News)
A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike post-exploitation toolkit for follow-on information collection. “The attackers embedded malicious JavaScript in these sites, which spoofed a TLS certificate error to trick visitors into downloading aRead More
-
Volexity details Russia’s novel ‘Nearest Neighbor Attack’
Post ContentRead More
-
What is endpoint detection and response (EDR)?
Post ContentRead More
-

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia [email protected] (The Hacker News)
Threat actors with ties to Russia have been linked to a cyber espionage campaign aimed at organizations in Central Asia, East Asia, and Europe. Recorded Future’s Insikt Group, which has assigned the activity cluster the name TAG-110, said it overlaps with a threat group tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as…
-

Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data? [email protected] (The Hacker News)
Google Workspace has quickly become the productivity backbone for businesses worldwide, offering an all-in-one suite with email, cloud storage and collaboration tools. This single-platform approach makes it easy for teams to connect and work efficiently, no matter where they are, enabling seamless digital transformation that’s both scalable and adaptable. As companies shift from traditional,Read More
