March 2025 – Page 23

Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners

Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT.
The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code.
Cybersecurity company

March Madness Requires Vigilance on Both an Individual and Corporate Level

Defending high profile sporting events from adversarial attacks requires a mix of experienced capabilities and a solid threat intelligence program.

The post March Madness Requires Vigilance on Both an Individual and Corporate Level appeared first on SecurityWeek.

Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach

Infosys McCamish System has agreed to pay $17.5 million to settle six class action lawsuits filed over a 2023 data breach.

The post Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach appeared first on SecurityWeek.

What’s Behind Google’s $32 Billion Wiz Acquisition?

News analysis: Google positions itself to compete with Microsoft for enterprise security dollars. How does this deal affect startup ecosystem?

The post What’s Behind Google’s $32 Billion Wiz Acquisition? appeared first on SecurityWeek.

Virtual Event Today: Supply Chain & Third-Party Risk Security Summit

Join the virtual event as we explore of the critical nature of software and vendor supply chain security issues.

The post Virtual Event Today: Supply Chain & Third-Party Risk Security Summit appeared first on SecurityWeek.

Why it’s time for phishing prevention to move beyond email

While phishing has evolved, email security hasn’t kept up. Attackers now bypass MFA & detection tools with advanced phishing kits, making credential theft harder to prevent. Learn how Push Security’s browser-based security stops attacks as they happen. […]

Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia

The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities.
The leak, containing over 200,000 messages from September 2023 to September 2024, was published by a Telegram user @ExploitWhispers last month.
According to an analysis of the messages by cybersecurity company

Chinese Hacking Group MirrorFace Targeting Europe

Chinese hacking group MirrorFace has targeted a Central European diplomatic institute with the Anel backdoor and AsyncRAT.

The post Chinese Hacking Group MirrorFace Targeting Europe appeared first on SecurityWeek.

Scareware Combined With Phishing in Attacks Targeting macOS Users

A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users.

The post Scareware Combined With Phishing in Attacks Targeting macOS Users appeared first on SecurityWeek.

Watch This Webinar to Learn How to Eliminate Identity-Based Attacks—Before They Happen

In today’s digital world, security breaches are all too common. Despite the many security tools and training programs available, identity-based attacks—like phishing, adversary-in-the-middle, and MFA bypass—remain a major challenge. Instead of accepting these risks and pouring resources into fixing problems after they occur, why not prevent attacks from happening in the first place?
Our upcoming

Month: March 2025