General Electric investigates claims of cyber attack, data theft
General Electric is investigating claims that a threat actor breached the company’s development environment in a cyberattack and leaked allegedly stolen data. […]
Atomic Stealer malware strikes macOS via fake browser updates
The ‘ClearFake’ fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware. […]
New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government
An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack.
The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and in-memory execution,” Kaspersky security researcher Mert
The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and in-memory execution,” Kaspersky security researcher Mert
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files.
A brief description of the vulnerabilities is as follows –
A brief description of the vulnerabilities is as follows –
Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from 0.2.0 to 0.3.0. (CVSS score: 10.0)
Critical bug in ownCloud file sharing app exposes admin passwords
Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials. […]
UK and South Korea: Hackers use zero-day in supply-chain attack
A joint advisory by the National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) discloses a supply-chain attack executed by North Korean hackers involving the MagicLineThe National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) warn that the North Korean Lazarus hacking grou […]
Cyberattack on IT provider CTS impacts dozens of UK law firms
A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal sector, is behind a major outage impacting numerous law firms and home buyers in the country since Wednesday. […]
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
More details have emerged about a malicious Telegram bot called Telekopye that’s used by threat actors to pull off large-scale phishing scams.
“Telekopye can craft phishing websites, emails, SMS messages, and more,” ESET security researcher Radek Jizba said in a new analysis.
The threat actors behind the operation – codenamed Neanderthals – are known to run the criminal enterprise as a
“Telekopye can craft phishing websites, emails, SMS messages, and more,” ESET security researcher Radek Jizba said in a new analysis.
The threat actors behind the operation – codenamed Neanderthals – are known to run the criminal enterprise as a
North Korean Software Supply Chain Attack Hits North America, Asia
North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack.
The post North Korean Software Supply Chain Attack Hits North America, Asia appeared first on SecurityWeek.