Category: Uncategorized
-
Malware Delivered via Malicious Pidgin Plugin, Signal Fork Eduard Kovacs
Threat actors delivered malware via instant messaging applications, including a malicious Pidgin plugin and an unofficial Signal fork. The post Malware Delivered via Malicious Pidgin Plugin, Signal Fork appeared first on SecurityWeek. Read More
-
Check Point to Acquire External Cyber Risk Management Firm Cyberint Mike Lennon
Check Point says the acquisition will enhance its own SOC capabilities and expand its managed threat intelligence offerings. The post Check Point to Acquire External Cyber Risk Management Firm Cyberint appeared first on SecurityWeek. Read More
-
Rising Tides: Runa Sandvik on Creating Work that Makes a Difference Jennifer Leggio
Runa Sandvik is an inaugural member of CISA’s Technical Advisory Council and the Aspen Institute’s Global Cybersecurity Group, and a board member of the Signals Network. But she is so much more. The post Rising Tides: Runa Sandvik on Creating Work that Makes a Difference appeared first on SecurityWeek. Read More
-
US Offering $2.5 Million Reward for Belarusian Malware Distributor Ionut Arghire
The US government is offering a $2.5 million reward for information leading to the arrest of malware distributor Volodymyr Kadariya. The post US Offering $2.5 Million Reward for Belarusian Malware Distributor appeared first on SecurityWeek. Read More
-

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave [email protected] (The Hacker News)
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. “The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since itsRead More
-
How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack Associated Press
The lessons learned from the 2016 election hacking made US officials more open about the recent Iranian hack targeting presidential campaigns. The post How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack appeared first on SecurityWeek. Read More
-
950,000 Impacted by Young Consulting Data Breach Ionut Arghire
The personal information of over 950,000 people was compromised in a BlackSuit ransomware attack on Young Consulting. The post 950,000 Impacted by Young Consulting Data Breach appeared first on SecurityWeek. Read More
-
Second Apache OFBiz Vulnerability Exploited in Attacks Eduard Kovacs
CISA is warning organizations that a second Apache OFBiz flaw is being exploited in the wild shortly after the release of PoC exploits. The post Second Apache OFBiz Vulnerability Exploited in Attacks appeared first on SecurityWeek. Read More
-

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials [email protected] (The Hacker News)
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes. “By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves,” Netskope ThreatRead…
-

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.Read More
