Category: Uncategorized
-

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware [email protected] (The Hacker News)
Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted by the campaigns include Italy and Romania, according to cybersecurity firm ESET. “Attackers used previouslyRead…
-

Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground [email protected] (The Hacker News)
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. The deep and dark web, otherwise known as the cybercriminal…
-
Cyber Insurance Provider Cowbell Raises $60 Million Ionut Arghire
Zurich Insurance Group has invested $60 million in cyber insurance firm Cowbell to help it scale operations and deliver new products. The post Cyber Insurance Provider Cowbell Raises $60 Million appeared first on SecurityWeek. Read More
-
Thousands Download New Mandrake Android Spyware Version From Google Play Ionut Arghire
Five Android applications containing the Mandrake spyware have been downloaded over 32,000 times from Google Play since 2022. The post Thousands Download New Mandrake Android Spyware Version From Google Play appeared first on SecurityWeek. Read More
-
Apple Rolls Out Security Updates for iOS, macOS Ionut Arghire
Apple has released security patches for dozens of vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari. The post Apple Rolls Out Security Updates for iOS, macOS appeared first on SecurityWeek. Read More
-

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries [email protected] (The Hacker News)
The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of the spear-phishing campaign include countries like Pakistan, Egypt, Sri Lanka, Bangladesh, Myanmar, Nepal, and…
-
ZeroTier Raises $13.5 Million in Series A Funding Ionut Arghire
Virtual networking provider ZeroTier has raised $13.5 million in a Series A funding round led by Battery Ventures. The post ZeroTier Raises $13.5 Million in Series A Funding appeared first on SecurityWeek. Read More
-

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script [email protected] (The Hacker News)
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. “This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, thereby compromising their systems,” Trellix security researcher Rafael Pena said in a Monday analysis. The cybersecurityRead…
-

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access [email protected] (The Hacker News)
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by “several” ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Directory integration authentication bypass that allows an attacker to obtain administrative access to the host. “ARead More
-
ServiceNow Improper Input Validation Vulnerability (CVE-2024-4879)
What is the vulnerability?A critical input validation vulnerability (CVE-2024–4879) is identified in ServiceNow’s Now platform hosted in Vancouver and Washington DC, exploiting this vulnerability could lead to potential data breaches and unauthorized system access. Threat actors may weaponize proof-of-concept (PoC) exploits which are publicly available. CISA added CVE-2024–4879 to its Known Exploited Vulnerabilities (KEV) Catalog…
