Category: Uncategorized
-
User mode vs. kernel mode: OSes explained
Post ContentRead More
-
Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks Ionut Arghire
Multiple Russian, Belarusian, and Western entities perceived as Russia’s enemies have been targeted in two recent spear-phishing campaigns. The post Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks appeared first on SecurityWeek. Read More
-

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics [email protected] (The Hacker News)
Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. “ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage,” Fortinet FortiGuard Labs researchers Eduardo Altares and Joie Salvio said. “Another noteworthy characteristic of this malware is…
-
New Banshee Stealer macOS Malware Priced at $3,000 Per Month Eduard Kovacs
Russian cybercriminals are advertising a new macOS malware, Banshee Stealer, capable of stealing passwords, browser data, and crypto wallets. The post New Banshee Stealer macOS Malware Priced at $3,000 Per Month appeared first on SecurityWeek. Read More
-

The Hidden Security Gaps in Your SaaS Apps: Are You Doing Due Diligence? [email protected] (The Hacker News)
SaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited. Conducting thorough due diligence on SaaS apps is essential to identify and mitigate these risks, ensuring the protection of yourRead…
-
SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day Ionut Arghire
The US cybersecurity agency CISA warns that a recent SolarWinds Web Help Desk vulnerability has been exploited in the wild. The post SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day appeared first on SecurityWeek. Read More
-
Copy2Pwn Zero-Day Exploited to Bypass Windows Protections Eduard Kovacs
ZDI details a zero-day named Copy2Pwn and tracked as CVE-2024-38213, which cybercriminals exploited to bypass MotW protections in Windows. The post Copy2Pwn Zero-Day Exploited to Bypass Windows Protections appeared first on SecurityWeek. Read More
-

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems [email protected] (The Hacker News)
Cybersecurity researchers have uncovered new stealer malware that’s designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it’s offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures. “Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100…
-

Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk [email protected] (The Hacker News)
A large percentage of Google’s own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called “Showcase.apk” that comes with excessive system privileges, including the ability to remotely execute…
-
Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw Ryan Naraine
Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack. The post Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw appeared first on SecurityWeek. Read More
