Category: Uncategorized
-
Highly Evasive SquidLoader Malware Targets China Ionut Arghire
A threat actor targeting Chinese-speaking victims has been using the SquidLoader malware loader in recent attacks. The post Highly Evasive SquidLoader Malware Targets China appeared first on SecurityWeek. Read More
-

Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024 [email protected] (The Hacker News)
Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration.Top Cybersecurity Challenges: Discuss the main challenges MSPs face, including integration issues, limited visibility across systems, and the high cost and complexity of maintainingRead More
-

Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021 [email protected] (The Hacker News)
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located in a single Asian country at least since 2021. “The attackers placed backdoors on the networks of targeted companies and also attempted to steal credentials,” the Symantec Threat Hunter Team, part of Broadcom, said in…
-
Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira Ionut Arghire
Atlassian has released Confluence, Crucible, and Jira updates to address multiple high-severity vulnerabilities. The post Atlassian Patches High-Severity Vulnerabilities in Confluence, Crucible, Jira appeared first on SecurityWeek. Read More
-
Post-Quantum Cryptography Firm PQShield Raises $37 Million Eduard Kovacs
Post-quantum cryptography (PQC) company PQShield has raised $37 million in Series B funding for its quantum-safe cryptography solutions. The post Post-Quantum Cryptography Firm PQShield Raises $37 Million appeared first on SecurityWeek. Read More
-

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration [email protected] (The Hacker News)
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it’s aware of four different distribution methods — namely VBA dropper, VBA downloader, link downloader, and executable downloader — with some of them…
-

Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations [email protected] (The Hacker News)
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T LevelBlue Labs, which first observed the malware in late April 2024, said it incorporates features that are designed to thwart static and dynamic analysis and ultimately evade detection. Attack chains leverage phishing emails thatRead More
-
Massachusetts 911 Outage Caused by Errant Firewall Ryan Naraine
A statewide outage of the Massachusetts 911 system was the result of a firewall that blocked calls from reaching emergency responders. The post Massachusetts 911 Outage Caused by Errant Firewall appeared first on SecurityWeek. Read More
-

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw [email protected] (The Hacker News)
Crypto exchange Kraken revealed that an unnamed security researcher exploited an “extremely critical” zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken’s Chief Security Officer, Nick Percoco, on X (formerly Twitter), stating it received a Bug Bounty program alert…
-

Chinese Cyber Espionage Group Exploits Fortinet, Ivanti and VMware Zero-Days [email protected] (The Hacker News)
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. “Persistence mechanisms encompassed network devices, hypervisors, and virtual machines, ensuring alternative channels remain availableRead More
