Hackers have caused close to $1.49 billion in cryptocurrency losses this year, with $71 million worth of assets stolen in November.
The post Hackers Stole $1.49 Billion in Cryptocurrency to Date in 2024 appeared first on SecurityWeek.
CISA, NSA, FBI and International Partners Publish Guide for Protecting Communications Infrastructure
Energy Sector Contractor ENGlobal Targeted in Ransomware Attack
Energy sector contractor ENGlobal Corporation has restricted access to some of its systems in response to a ransomware attack.
The post Energy Sector Contractor ENGlobal Targeted in Ransomware Attack appeared first on SecurityWeek.
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability
Cisco has updated an advisory for CVE-2014-2120 to warn customers that the vulnerability has been exploited in the wild.
The post Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability appeared first on SecurityWeek.
NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise
Cybersecurity researchers have disclosed a set of flaws impacting Palo Alto Networks and SonicWall virtual private network (VPN) clients that could be potentially exploited to gain remote code execution on Windows and macOS systems.
“By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels of access
“By targeting the implicit trust VPN clients place in servers, attackers can manipulate client behaviours, execute arbitrary commands, and gain high levels of access
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
The North Korea-aligned threat actor known as Kimsuky has been linked to a series of phishing attacks that involve sending email messages that originate from Russian sender addresses to ultimately conduct credential theft.
“Phishing emails were sent mainly through email services in Japan and Korea until early September,” South Korean cybersecurity company Genians said. “Then, from mid-September,
“Phishing emails were sent mainly through email services in Japan and Korea until early September,” South Korean cybersecurity company Genians said. “Then, from mid-September,
Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads
A newly discovered malware campaign has been found to target private users, retailers, and service businesses mainly located in Russia to deliver NetSupport RAT and BurnsRAT.
The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer
The campaign, dubbed Horns&Hooves by Kaspersky, has hit more than 1,000 victims since it began around March 2023. The end goal of these attacks is to leverage the access afforded by these trojans to install stealer
Korea arrests CEO for adding DDoS feature to satellite receivers
South Korean police have arrested a CEO and five employees for manufacturing over 240,000 satellite receivers pre-loaded or later updated to include DDoS attack functionality at a purchaser’s request. […]
Russia sentences Hydra dark web market leader to life in prison
Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. […]
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
The recently uncovered ‘Bootkitty’ UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka ‘LogoFAIL,’ to infect computers running on a vulnerable UEFI firmware. […]