Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. […]
Critical RCE bug in VMware vCenter Server now exploited in attacks
Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. […]
VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw
The saga of VMWare’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.
The post VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw appeared first on SecurityWeek.
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. […]
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.
BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security
BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security
Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection
The ability to internalize and operationalize customized threat intelligence as part of a holistic security system is no longer a luxury; it’s a necessity.
The post Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection appeared first on SecurityWeek.
Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day
A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet.
The post Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day appeared first on SecurityWeek.
The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects of this report is that over 90% of valid
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Great Plains Regional Medical Center says the personal information of 133,000 individuals was compromised in a ransomware attack.
The post Ransomware Attack on Oklahoma Medical Center Impacts 133,000 appeared first on SecurityWeek.
300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks
EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals.
The post 300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks appeared first on SecurityWeek.