Microsoft has released the optional KB5037849 Preview cumulative update for Windows 10 22H2 with nine fixes or changes. […]
Cooler Master hit by data breach exposing customer information
Computer hardware manufacturer Cooler Master has suffered a data breach after a threat actor breached the company’s website and claimed to steal the Fanzone member information of 500,000 customers. […]
Check Point VPN zero-day exploited in attacks since April 30
Threat actors have been exploiting a high-severity Check Point Remote Access VPN zero-day since at least April 30, stealing Active Directory data needed to move laterally through the victims’ networks in successful attacks. […]
Free Piano phish targets American university students, staff
A large-scale phishing campaign is using an unusual lure to earn at least $900,000 by tricking email recipients into believing they’re about to receive a baby grand piano for free. […]
Cybercriminals Abuse StackOverflow to Promote Malicious Python Package
Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index (PyPI) repository to facilitate cryptocurrency theft as part of a broader campaign.
The package in question is pytoileur, which has been downloaded 316 times as of writing. Interestingly, the package author, who goes by the name PhilipsPY, has uploaded a new version of the
The package in question is pytoileur, which has been downloaded 316 times as of writing. Interestingly, the package author, who goes by the name PhilipsPY, has uploaded a new version of the
US dismantles 911 S5 botnet used for cyberattacks, arrests admin
The U.S. Justice Department and international partners dismantled the 911 S5 proxy botnet and arrested 35-year-old Chinese national YunHe Wang, its administrator. […]
Okta warns of credential stuffing attacks targeting its CORS feature
Okta warns that a Customer Identity Cloud (CIC) feature is being targeted in credential stuffing attacks, stating that numerous customers have been targeted since April. […]
Check Point Warns of Zero-Day Attacks on its VPN Gateway Products
Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild.
Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.
“The vulnerability potentially allows an attacker to read certain information on
Tracked as CVE-2024-24919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances.
“The vulnerability potentially allows an attacker to read certain information on
Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windows-based AllaKore remote access trojan (RAT) called AllaSenha.
The malware is “specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure,” French cybersecurity company HarfangLab
The malware is “specifically aimed at stealing credentials that are required to access Brazilian bank accounts, [and] leverages Azure cloud as command-and-control (C2) infrastructure,” French cybersecurity company HarfangLab
Check Point releases emergency fix for VPN zero-day exploited in attacks
Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. […]