brangberg – Page 584

New Windows RAT Evades Detection for Weeks Using Corrupted DOS and PE Headers

Cybersecurity researchers have taken the wraps off an unusual cyber attack that leveraged malware with corrupted DOS and PE headers, according to new findings from Fortinet.
The DOS (Disk Operating System) and PE (Portable Executable) headers are essential parts of a Windows PE file, providing information about the executable.
While the DOS header makes the executable file backward compatible

Victoria’s Secret Website Taken Offline After Cyberattack

Website remains offline following suspected cyber incident, as experts warn of escalating threats targeting major retailers

The post Victoria’s Secret Website Taken Offline After Cyberattack appeared first on SecurityWeek.

Victoria’s Secret takes down website after security incident

Victoria’s Secret, the fashion giant, has taken down its website and some store services because of an ongoing security incident […]

Adidas Data Breach Linked to Third-Party Vendor

Adidas said hackers accessed a “third-party customer service provider” and stole customer information.

The post Adidas Data Breach Linked to Third-Party Vendor appeared first on SecurityWeek.

Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management

Join the live webinar to understand why data in itself is not enough to make informed decisions for prioritization.

The post Webinar Today: Why Context is a Secret Weapon in Application Security Posture Management appeared first on SecurityWeek.

DragonForce Exploits SimpleHelp Flaws to Deploy Ransomware Across Customer Endpoints

The threat actors behind the DragonForce ransomware gained access to an unnamed Managed Service Provider’s (MSP) SimpleHelp remote monitoring and management (RMM) tool, and then leveraged it to exfiltrate data and drop the locker on multiple endpoints.
It’s believed that the attackers exploited a trio of security flaws in SimpleHelp (CVE-2024-57727, CVE-2024-57728, and CVE-2024-57726) that were

Microsoft: Windows 11 might fail to start after installing KB5058405

Microsoft has confirmed that some Windows 11 systems might fail to start after installing the KB5058405 security update released during this month’s Patch Tuesday. […]

Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025

Agentic AI can be a great tool for many of the ‘gray area’ tasks that SOC analysts undertake.

The post Beyond GenAI: Why Agentic AI Was the Real Conversation at RSA 2025 appeared first on SecurityWeek.

Data broker LexisNexis discloses data breach affecting 364,000 people

Data broker giant LexisNexis Risk Solutions has revealed that unknown attackers stole the personal information of over 364,000 individuals in a December breach. […]

Chinese APT41 Exploits Google Calendar for Malware Command-and-Control Operations

Google on Wednesday disclosed that the Chinese state-sponsored threat actor known as APT41 leveraged a malware called TOUGHPROGRESS that uses Google Calendar for command-and-control (C2).
The tech giant, which discovered the activity in late October 2024, said the malware was hosted on a compromised government website and was used to target multiple other government entities.
“Misuse of cloud

Author: brangberg