Category: Uncategorized
-

How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back [email protected] (The Hacker News)
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MFA, EDR, and email content filtering. In this article, we’re going to look at what AitM phishingRead…
-

Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks [email protected] (The Hacker News)
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a “command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE),” Akamai…
-
Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks Eduard Kovacs
Beckhoff Automation has patched several vulnerabilities in its TwinCAT/BSD operating system for industrial PCs. The post Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks appeared first on SecurityWeek. Read More
-
Uniqkey Raises €5.35 Million for Business Password Management Solutions Ionut Arghire
European password management startup Uniqkey has raised €5.35 million (~$5.9 million) from BackingMinds. The post Uniqkey Raises €5.35 Million for Business Password Management Solutions appeared first on SecurityWeek. Read More
-
Iranian Hackers Use New Tickler Malware to Collect Intel From US, UAE Eduard Kovacs
The Iran-linked state-sponsored hacker group tracked as Peach Sandstorm has started using a new backdoor in attacks aimed at the US and UAE. The post Iranian Hackers Use New Tickler Malware to Collect Intel From US, UAE appeared first on SecurityWeek. Read More
-
Ransomware Gang Leaks Data Allegedly Stolen From Microchip Technology Eduard Kovacs
The Play ransomware group has published gigabytes of data allegedly stolen from US semiconductor supplier Microchip Technology. The post Ransomware Gang Leaks Data Allegedly Stolen From Microchip Technology appeared first on SecurityWeek. Read More
-
Quishing Campaign Abuses Microsoft Sway to Host Phishing Pages Ionut Arghire
Threat actors are abusing the Microsoft Sway service to host phishing pages leveraged in QR phishing attacks targeting Office 365 users. The post Quishing Campaign Abuses Microsoft Sway to Host Phishing Pages appeared first on SecurityWeek. Read More
-
US Sees Iranian Hackers Working Closely With Ransomware Groups Ionut Arghire
Iranian state-sponsored APT Lemon Sandstorm is working closely with ransomware groups on monetizing network intrusions. The post US Sees Iranian Hackers Working Closely With Ransomware Groups appeared first on SecurityWeek. Read More
-
ICS/OT Security Firms Announce Product Updates Eduard Kovacs
Dragos has announced the latest release of its OT security platform, and Nozomi Networks has teamed up with Mandiant for threat intelligence. The post ICS/OT Security Firms Announce Product Updates appeared first on SecurityWeek. Read More
-

French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform [email protected] (The Hacker News)
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russian-born Durov, who is also a French citizen, has been charged with being complicit in the spread of child sexual abuse material (CSAM) as…
