[ad_1] Oct 18, 2023NewsroomRootkit / Cryptocurrency A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise….
[ad_1] Oct 18, 2023NewsroomCyber Espionage / Malware Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. “The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware encryption to ensure the secure…
[ad_1] Oct 18, 2023NewsroomVulnerability / Data Security A medium-severity flaw has been discovered in Synology’s DiskStation Manager (DSM) that could be exploited to decipher an administrator’s password and remotely hijack the account. “Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin…
[ad_1] Oct 18, 2023NewsroomData Breach / Network Security Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is “low-sensitivity and semi-public information.” “The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life…
[ad_1] Oct 17, 2023NewsroomMalware / APT In what’s the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure. Discord, in recent years, has become a lucrative target, acting as a fertile ground for…
[ad_1] Oct 17, 2023NewsroomVulnerability / Cyber Threat Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10….
[ad_1] Oct 17, 2023NewsroomData Security / Network Security A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41…
[ad_1] Oct 17, 2023The Hacker NewsData Security / Infosec Webinar Financial data is much more than just a collection of numbers; it is a crucial component of any business and a prime target for cybercriminals. It’s important to understand that financial records can be a veritable treasure trove for digital pirates. A security breach not…
[ad_1] Recently, the cybersecurity landscape has been confronted with a daunting new reality – the rise of malicious Generative AI, like FraudGPT and WormGPT. These rogue creations, lurking in the dark corners of the internet, pose a distinctive threat to the world of digital security. In this article, we will look at the nature of…
[ad_1] Oct 17, 2023NewsroomCyber Attack / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors “interfered” with at least 11 telecommunication service providers in the country between May and September 2023. The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers….
