Blog – Page 772 – Cyber Mike

Hackers Use CAPTCHA Trick on Webflow CDN PDFs to Bypass Security Scanners

A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud.
“The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a phishing link, leading them to

Chinese espionage tools deployed in RA World ransomware attack

A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors. […]

North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks

A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors.
The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail, TA427, and Velvet

Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job

A toolset associated with China-linked espionage intrusions was employed in a ransomware attack, likely by a single individual.

The post Chinese Cyberspy Possibly Launching Ransomware Attacks as Side Job appeared first on SecurityWeek.

SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024

An analysis conducted by SecurityWeek shows that 405 cybersecurity-related mergers and acquisitions were announced in 2024.

The post SecurityWeek Analysis: Over 400 Cybersecurity M&A Deals Announced in 2024 appeared first on SecurityWeek.

Fast Deployments, Secure Code: Watch this Learn to Sync Dev and Sec Teams

Ever felt like your team is stuck in a constant battle? Developers rush to add new features, while security folks worry about vulnerabilities. What if you could bring both sides together without sacrificing one for the other?
We invite you to our upcoming webinar, “Opening the Fast Lane for Secure Deployments.” This isn’t another tech talk full of buzzwords—it’s a down-to-earth session that

Jscrambler Raises $5.2 Million for Code, Webpage Protection Solution

Jscrambler has received a $5.2 million investment from Iberis Capital to accelerate innovation and research.

The post Jscrambler Raises $5.2 Million for Code, Webpage Protection Solution appeared first on SecurityWeek.

Hackers Exploited PAN-OS Flaw to Deploy Chinese Malware in Ransomware Attack

An RA World ransomware attack in November 2024 targeting an unnamed Asian software and services company involved the use of a malicious tool exclusively used by China-based cyber espionage groups, raising the possibility that the threat actor may be moonlighting as a ransomware player in an individual capacity.
“During the attack in late 2024, the attacker deployed a distinct toolset that had

Palo Alto Networks Patches Potentially Serious Firewall Vulnerability

Palo Alto Networks has published 10 new security advisories, including one for a high-severity firewall authentication bypass vulnerability.

The post Palo Alto Networks Patches Potentially Serious Firewall Vulnerability appeared first on SecurityWeek.

Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges

Threat actors are increasingly exploiting two old vulnerabilities in ThinkPHP and OwnCloud in their attacks.

The post Exploitation of Old ThinkPHP, OwnCloud Vulnerabilities Surges appeared first on SecurityWeek.

Cyber News