Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. […]
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza.
BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security
BabbleLoader is an “extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory,” Intezer security
Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection
The ability to internalize and operationalize customized threat intelligence as part of a holistic security system is no longer a luxury; it’s a necessity.
The post Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection appeared first on SecurityWeek.
Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day
A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet.
The post Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day appeared first on SecurityWeek.
The Problem of Permissions and Non-Human Identities – Why Remediating Credentials Takes Longer Than You Think
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year’s report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects of this report is that over 90% of valid
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Great Plains Regional Medical Center says the personal information of 133,000 individuals was compromised in a ransomware attack.
The post Ransomware Attack on Oklahoma Medical Center Impacts 133,000 appeared first on SecurityWeek.
300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks
EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals.
The post 300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks appeared first on SecurityWeek.
Palo Alto Networks Releases IoCs for New Firewall Zero-Day
Palo Alto Networks has released IoCs for the attacks exploiting a newly uncovered firewall zero-day vulnerability.
The post Palo Alto Networks Releases IoCs for New Firewall Zero-Day appeared first on SecurityWeek.
Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report
The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched.
The post Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report appeared first on SecurityWeek.
Microsoft 365 Admin portal abused to send sextortion emails
The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the emails appear trustworthy and bypassing email security platforms. […]