Category: Uncategorized
-

New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth [email protected] (The Hacker News)
A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecurity firm has assessed it to be a variant of a known malware called RedLine Stealer owing to the fact that the command-and-control (C2) server IP address has been previously identified as associated with the malware.…
-

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack [email protected] (The Hacker News)
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as “intricate” and a combination of two bugs in versions PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 of the software. “InRead More
-

Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks [email protected] (The Hacker News)
Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of a security flaw that has come under targeted exploitation in the wild. “CrushFTP v11 versions below 11.1 have a vulnerability where users can escape their VFS and download system files,” CrushFTP said in an advisory released Friday.Read More
-
Akira Ransomware Attack
What is the Akira Ransomware Attack? The Akira ransomware attack has actively and widely impacting businesses. According to CISA advisory, the ransomware group has impacted over 250 organizations and claimed approximately $42 million (USD) in ransomware proceeds. The ransomware group gains initial access via either less-secured VPN or Cisco vulnerabilities. Once the network is compromised,…
-
BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems Ryan Naraine
Investors make an early-stage $6.5 million bet on BreachRx, a startup promising to shield cybersecurity executives from personal liability. The post BreachRx Raises $6.5M to Revamp Incident Response Reporting Systems appeared first on SecurityWeek. Read More
-
Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing SecurityWeek News
VulnCheck banks $8 million in early stage capital to build ‘exploit intelligence’ technologies and services. The post Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing appeared first on SecurityWeek. Read More
-

BlackTech Targets Tech, Research, and Gov Sectors New ‘Deuterbear’ Tool [email protected] (The Hacker News)
Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part of a recent cyber attack wave. The intrusions pave the way for an updated version of modular backdoor dubbed Waterbear as well as its enhanced successor referred to as Deuterbear. “Waterbear is known for its complexity, as itRead More
-
In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack SecurityWeek News
Noteworthy stories that might have slipped under the radar: OpenSSF and OpenJS incidents similar to XZ backdoor, Moldovan botnet operator charged, US automotive company targeted by FIN7. The post In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack appeared first on SecurityWeek. Read More
-
First Major Attempts to Regulate AI Face Headwinds From All Sides Associated Press
While over 400 AI-related bills are being debated this year in statehouses nationwide, most target one industry or just a piece of the technology — such as deepfakes used in elections. The post First Major Attempts to Regulate AI Face Headwinds From All Sides appeared first on SecurityWeek. Read More
-
7 steps to create a data loss prevention policy
Post ContentRead More
