ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. […]
Ransomware Attack Disrupts Local Emergency Alert System Across US
The OnSolve CodeRED platform has been targeted by the Inc Ransom ransomware group, resulting in disruptions and a data breach.
The post Ransomware Attack Disrupts Local Emergency Alert System Across US appeared first on SecurityWeek.
Webinar: Learn to Spot Risks and Patch Safely with Community-Maintained Tools
If you’re using community tools like Chocolatey or Winget to keep systems updated, you’re not alone. These platforms are fast, flexible, and easy to work with—making them favorites for IT teams. But there’s a catch…
The very tools that make your job easier might also be the reason your systems are at risk.
These tools are run by the community. That means anyone can add or update packages. Some
The very tools that make your job easier might also be the reason your systems are at risk.
These tools are run by the community. That means anyone can add or update packages. Some
Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps
Cybersecurity researchers have discovered a new malicious extension on the Chrome Web Store that’s capable of injecting a stealthy Solana transfer into a swap transaction and transferring the funds to an attacker-controlled cryptocurrency wallet.
The extension, named Crypto Copilot, was first published by a user named “sjclark76” on May 7, 2024. The developer describes the browser add-on as
The extension, named Crypto Copilot, was first published by a user named “sjclark76” on May 7, 2024. The developer describes the browser add-on as
Opti Raises $20 Million for Identity Security Platform
The cybersecurity startup plans to use the seed funding to accelerate product expansion and global growth.
The post Opti Raises $20 Million for Identity Security Platform appeared first on SecurityWeek.
RomCom Uses SocGholish Fake Update Attacks to Deliver Mythic Agent Malware
The threat actors behind a malware family known as RomCom targeted a U.S.-based civil engineering company via a JavaScript loader dubbed SocGholish to deliver the Mythic Agent.
“This is the first time that a RomCom payload has been observed being distributed by SocGholish,” Arctic Wolf Labs researcher Jacob Faires said in a Tuesday report.
The activity has been attributed with medium-to-high
“This is the first time that a RomCom payload has been observed being distributed by SocGholish,” Arctic Wolf Labs researcher Jacob Faires said in a Tuesday report.
The activity has been attributed with medium-to-high
Dartmouth College Confirms Data Theft in Oracle Hack
Dartmouth College has disclosed a data breach after cybercriminals leaked over 226 Gb of files stolen from the university.
The post Dartmouth College Confirms Data Theft in Oracle Hack appeared first on SecurityWeek.
FBI Reports $262M in ATO Fraud as Researchers Cite Growing AI Phishing and Holiday Scams
The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover (ATO) fraud schemes.
The activity targets individuals, businesses, and organizations of varied sizes and across sectors, the agency said, adding the fraudulent schemes have led to more than $262
The activity targets individuals, businesses, and organizations of varied sizes and across sectors, the agency said, adding the fraudulent schemes have led to more than $262
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City
The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further.
The post Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City appeared first on SecurityWeek.
OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide
Risk management company Crisis24 has confirmed its OnSolve CodeRED platform suffered a cyberattack that disrupted emergency notification systems used by state and local governments, police departments, and fire agencies across the United States. […]