Chinese threat actors use a custom post-exploitation toolkit named ‘DeepData’ to exploit a zero-day vulnerability in Fortinet’s FortiClient Windows VPN client to steal credentials. […]
US space tech giant Maxar discloses employee data breach
Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. […]
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW). […]
US charges Phobos ransomware admin after South Korea extradition
Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. […]
Critical RCE bug in VMware vCenter Server now exploited in attacks
Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. […]
VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw
The saga of VMware’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.
The post VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw appeared first on SecurityWeek.
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. […]
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.
BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security
Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection
The ability to internalize and operationalize customized threat intelligence as part of a holistic security system is no longer a luxury; it’s a necessity.
The post Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection appeared first on SecurityWeek.
Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day
A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet.
The post Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day appeared first on SecurityWeek.
