Feb 29, 2024NewsroomLinux / Network Security Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications. GPRS roaming allows subscribers […]
Feb 29, 2024The Hacker NewsAttack Surface / Incident Response As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And what […]
Feb 29, 2024NewsroomRootkit / Threat Intelligence The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges. It […]
Data centers are significant drivers of growth in electricity demand. Cloud computing data centers are large facilities that need an incredible amount of electricity to run and maintain, but there are worldwide efforts to move to more sustainable energy. The progress to address climate change with energy sustainability is happening at a slower pace than […]
Feb 29, 2024NewsroomCyber Espionage / Malware A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, […]
Feb 29, 2024NewsroomMalware / Endpoint Security The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for […]
APIs now comprise nearly three-quarters (71%) of web traffic, posing a significant threat to corporate cybersecurity by expanding the cyber-attack surface, according to Imperva. The security company revealed the findings in its Imperva State of API Security Report, which was compiled from intelligence gathered by its products. It found that attacks on the business logic […]
Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Next-Generation Technologies & Secure Development Hackers Are Leveraging Israel-Hamas War to Carry Out Attacks, Researcher Tells ISMG Chris Riotta (@chrisriotta) • February 27, 2024 Mandiant found suspected Iranian hackers targeting Middle Eastern defense workers. (Image: Shutterstock) Cybersecurity researchers identified a suspected Iranian espionage […]
At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain persistent access […]