USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and operational disruptions, with lasting impacts on an organization’s reputation. An example is the Stuxnet worm discovered in 2010, a malware designed to
Iranian Hackers Target UAE Firms With Polyglot Files
An Iranian threat actor was seen targeting UAE organizations with polyglot files to deliver a new backdoor named Sosano.
The post Iranian Hackers Target UAE Firms With Polyglot Files appeared first on SecurityWeek.
Dark Caracal Uses Poco RAT to Target Spanish-Speaking Enterprises in Latin America
The threat actor known as Dark Caracal has been attributed to a campaign that deployed a remote access trojan called Poco RAT in attacks targeting Spanish-speaking targets in Latin America in 2024.
The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.”
“It could upload files, capture screenshots
The findings come from Russian cybersecurity company Positive Technologies, which described the malware as loaded with a “full suite of espionage features.”
“It could upload files, capture screenshots
Toronto Zoo shares update on last year’s ransomware attack
The Toronto Zoo, the largest zoo in Canada, has provided more information about the data stolen during a ransomware attack in January 2024. […]
Google Rolls Out AI Scam Detection for Android to Combat Conversational Fraud
Google has announced the rollout of artificial intelligence (AI)-powered scam detection features to secure Android device users and their personal information.
“These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations,” Google said. “And more phone calling scammers are using spoofing techniques to hide their real
“These features specifically target conversational scams, which can often appear initially harmless before evolving into harmful situations,” Google said. “And more phone calling scammers are using spoofing techniques to hide their real
North Korean Fake IT Workers Pose as Blockchain Developers on GitHub
North Korean fake IT workers are creating personas on GitHub to land blockchain developer jobs at US and Japanese firms.
The post North Korean Fake IT Workers Pose as Blockchain Developers on GitHub appeared first on SecurityWeek.
Two Venezuelans Arrested in US for ATM Jackpotting
Several Venezuelans have been arrested and charged in the US in recent months for their role in ATM jackpotting schemes.
The post Two Venezuelans Arrested in US for ATM Jackpotting appeared first on SecurityWeek.
Ransomware Group Claims Attack on Tata Technologies
Notorious ransomware group Hunters International threatens to leak 1.4 TB of data allegedly stolen from Tata Technologies.
The post Ransomware Group Claims Attack on Tata Technologies appeared first on SecurityWeek.
Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities
Chrome 134 and Firefox 136 are rolling out across desktop and mobile with patches for multiple high-severity vulnerabilities.
The post Chrome 134, Firefox 136 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Chinese APT Lotus Panda Targets Governments With New Sagerunex Backdoor Variants
The threat actor known as Lotus Panda has been observed targeting government, manufacturing, telecommunications, and media sectors in the Philippines, Vietnam, Hong Kong, and Taiwan with updated versions of a known backdoor called Sagerunex.
“Lotus Blossom has been using the Sagerunex backdoor since at least 2016 and is increasingly employing long-term persistence command shells and developing
“Lotus Blossom has been using the Sagerunex backdoor since at least 2016 and is increasingly employing long-term persistence command shells and developing