The New York City Bar Association confirmed that the data of more than 27,000 members and employees was leaked during a cyberattack nearly a year ago. In filings with regulators in Maine and Vermont, the organization said an investigation completed on October 18 confirmed that hackers broke into its systems and had access to internal […]
Microsoft has uncovered a supply chain attack by North Korean hackers who attached a malicious file to a legitimate photo and video editing application installer. In a blog on Wednesday, Microsoft Threat Intelligence said it attributed the activity to a group it calls Diamond Sleet — a hacking group within the North Korean government that […]
Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore normal operations as quickly as possible. That’s why it’s essential that these teams not only have the right […]
Nov 23, 2023NewsroomVulnerability / Cyber Threat An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. “The payload targets routers and network video recorder (NVR) devices with default admin credentials and installs Mirai variants when successful,” Akamai […]
Due to the incident, users may experience difficulties accessing Blender’s services and sites, and should be cautious of downloading from third-party sources to avoid malware infections.
New InfectedSlurs Mirai-based botnet exploits two zero-days Pierluigi Paganini November 22, 2023 Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices. Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) devices. The researchers […]
The company has not provided any specific details about the nature of the incident, but customers are advised to monitor their accounts for suspicious activity. It is unclear whether all or a few selected New Relic customers are at risk.
Nov 23, 2023NewsroomSoftware Supply Chain Attack A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. “This malicious file is a legitimate CyberLink application installer that has been […]
Security researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to find a way to bypass authentication on each device. The research was conducted by security engineering and research services provider Blackwing Intelligence and Microsoft’s Offensive Research and Security Engineering (MORSE). The targets were a Dell Inspiron 15 […]