Category: Uncategorized
-
Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses Ionut Arghire
More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives. The post Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses appeared first on SecurityWeek. Read More
-
In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO SecurityWeek News
Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO. The post In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO appeared first on SecurityWeek. Read More
-
Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo SecurityWeek News
UK cybersecurity firm Darktace has agreed to sell itself to private equity giant Thoma Bravo for approximately $5.32 million in cash. The post Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo appeared first on SecurityWeek. Read More
-

10 Critical Endpoint Security Tips You Should Know [email protected] (The Hacker News)
In today’s digital world, where connectivity is rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers’ favorite targets. According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With ITRead More
-

New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates [email protected] (The Hacker News)
Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. “Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware,” Dutch security firm ThreatFabric said in an analysis published Thursday. The malware is said to be in active development,Read More
-

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack [email protected] (The Hacker News)
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed inRead More
-
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors Ionut Arghire
A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites. The post Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors appeared first on SecurityWeek. Read More
-

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites [email protected] (The Hacker News)
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0. “This vulnerability, a SQL injection (SQLi) flaw, poses a…
-

North Korea’s Lazarus Group Deploys New Kaolin RAT via Fake Job Lures [email protected] (The Hacker News)
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT. The malware could, “aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL binary from [command-and-control] server,” Avast security researcher LuiginoRead More
-
Predictive Security Startup BforeAI Raises $15 Million Ionut Arghire
Predictive attack intelligence and risk protection startup BforeAI has raised $15 million in a Series A funding round led by SYN Ventures. The post Predictive Security Startup BforeAI Raises $15 Million appeared first on SecurityWeek. Read More
