Microsoft has expanded free Purview Audit logging capabilities for all U.S. federal agencies six months after disclosing that Chinese hackers stole U.S. government emails undetected in an Exchange Online breach between May and June 2023. […]
Hackers abuse Google Cloud Run in massive banking trojan campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. […]
Fraudsters tried to scam Apple out of 5,000 iPhones worth over $3 million
Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth more than $3 million to Apple with the goal of having them replaced with genuine devices. […]
New SSH-Snake malware steals SSH keys to spread across the network
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. […]
US govt shares cyberattack defense tips for water utilities
CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement to better defend their systems against cyberattacks […]
ScreenConnect critical bug now under attack as exploit code emerges
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. […]
US offers $15 million bounty for info on LockBit ransomware gang
The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information about LockBit ransomware gang members and their associates. […]
New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password.
The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a
The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a
Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS.
“The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter,” Trend Micro researchers Sunny Lu
“The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter,” Trend Micro researchers Sunny Lu