[ad_1] Feb 06, 2025Ravie LakshmananCyber Attack / Malware Bogus websites advertising Google Chrome have been used to distribute malicious installers for a remote access trojan called ValleyRAT. The malware, first detected in 2023, is attributed to a threat actor tracked as Silver Fox, with prior attack campaigns primarily targeting Chinese-speaking regions like Hong Kong, Taiwan,…
[ad_1] A new malware campaign dubbed SparkCat has leveraged a suit of bogus apps on both Apple’s and Google’s respective app stores to steal victims’ mnemonic phrases associated with cryptocurrency wallets. The attacks leverage an optical character recognition (OCR) model to exfiltrate select images containing wallet recovery phrases from photo libraries to a command-and-control (C2)…
[ad_1] You arrive at the office, power up your system, and panic sets in. Every file is locked, and every system is frozen. A ransom demand flashes on your screen: “Pay $2 million in Bitcoin within 48 hours or lose everything.” And the worst part is that even after paying, there’s no guarantee you’ll get…
[ad_1] Feb 06, 2025Ravie LakshmananUnited States Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below – CVE-2025-20124 (CVSS score: 9.9) – An insecure Java deserialization vulnerability in an API of…
[ad_1] Feb 05, 2025Ravie LakshmananVulnerability / Data Protection Veeam has released patches to address a critical security flaw impacting its Backup software that could allow an attacker to execute arbitrary code on susceptible systems. The vulnerability, tracked as CVE-2025-23114, carries a CVSS score of 9.0 out of 10.0. “A vulnerability within the Veeam Updater component…
[ad_1] Feb 05, 2025Ravie LakshmananThreat Intelligence / Malware A previously undocumented threat actor known as Silent Lynx has been linked to cyber attacks targeting various entities in Kyrgyzstan and Turkmenistan. “This threat group has previously targeted entities around Eastern Europe and Central Asian government think tanks involved in economic decision making and banking sector,” Seqrite…
[ad_1] Feb 05, 2025Ravie LakshmananCryptocurrency / Data Breach The North Korea-linked Lazarus Group has been linked to an active campaign that leverages fake LinkedIn job offers in the cryptocurrency and travel sectors to deliver malware capable of infecting Windows, macOS, and Linux operating systems. According to cybersecurity company Bitdefender, the scam begins with a message…
[ad_1] Feb 05, 2025Ravie LakshmananCybersecurity / Cloud Security Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal…
[ad_1] Feb 05, 2025The Hacker NewsVulnerability / Threat Detection As the cybersecurity landscape continues to evolve, proactive vulnerability management has become a critical priority for managed service providers (MSPs) and IT teams. Recent trends indicate that organizations increasingly prioritize more frequent IT security vulnerability assessments to identify and address potential security flaws. Staying informed on…
[ad_1] Feb 05, 2025Ravie LakshmananMalware / Network Security A malware campaign has been observed delivering a remote access trojan (RAT) named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. “AsyncRAT is a remote access trojan (RAT) that exploits the async/await pattern for efficient, asynchronous communication,” Forcepoint X-Labs researcher Jyotika Singh said in an…
