Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they’ve taken on their Android smartphones. […]
Kansas State University cyberattack disrupts IT network and services
Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. […]
Haier hits Home Assistant plugin dev with takedown notice
Appliances giant Haier reportedly issued a takedown notice to a software developer for creating Home Assistant integration plugins for the company’s home appliances and releasing them on GitHub. […]
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy.
“This is the first documented case of malware deploying the 9Hits application as a payload,” cloud security firm Cado said, adding the development is a sign that adversaries are
“This is the first documented case of malware deploying the 9Hits application as a payload,” cloud security firm Cado said, adding the development is a sign that adversaries are
US govt wants BreachForums admin sentenced to 15 years in prison
The United States government has recommended that Conor Brian Fitzpatrick, the creator and lead administrator of the now-defunct BreachForums hacking forums, receive a sentence of 15 years in prison. […]
Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets
Learn how threat actors utilize credentials to break into privileged IT infrastructure to create data breaches and distribute ransomware. […]
Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware
The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language.
Google’s Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
Google’s Threat Analysis Group (TAG), which shared details of the latest activity, said the attack chains leverage PDFs as decoy documents to trigger the infection sequence. The lures are
Google: Russian FSB hackers deploy new Spica backdoor malware
Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool. […]
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks.
The misconfigurations could be abused by an attacker to “conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow’s build agents via
The misconfigurations could be abused by an attacker to “conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow’s build agents via
MFA Spamming and Fatigue: When Security Measures Go Wrong
In today’s digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an