The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization’s systems on Christmas Eve. […]
North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms
The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at South Korean cryptocurrency firms.
“Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads and exfiltration of files,” Kaspersky&
“Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional file downloads and exfiltration of files,” Kaspersky&
CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)
Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats.
Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools are shaping the future of cybersecurity defenses.
During the session, Censys Security Researcher Aidan Holland will
Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI tools are shaping the future of cybersecurity defenses.
During the session, Censys Security Researcher Aidan Holland will
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild.
Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.
Use-after-free bugs, which arise when a program
Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported by an anonymous researcher on May 7, 2024.
Use-after-free bugs, which arise when a program
What’s the Right EDR for You?
A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs.
Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint
Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted to endpoints. This is why endpoint
Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing
Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised devices.
“This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the SonicWall Capture Labs threat research team said in a recent report.
The
“This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the SonicWall Capture Labs threat research team said in a recent report.
The
Google fixes fifth Chrome zero-day exploited in attacks this year
Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year. […]
Widely used Telit Cinterion modems open to SMS takeover attacks
Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. […]
Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models
Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors.
The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team.
“Once initial access was obtained, they exfiltrated cloud credentials and gained
The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team.
“Once initial access was obtained, they exfiltrated cloud credentials and gained
Poland says Russian military hackers target its govt networks
Poland says a state-backed threat group linked to Russia’s military intelligence service (GRU) has been targeting Polish government institutions throughout the week. […]