A security bug in the widely used Kubernetes container-management system allows attackers to remotely execute code with System privileges on Windows endpoints, potentially leading to full takeover of all Windows nodes within a Kubernetes cluster. Akamai security researcher Tomer Peled discovered the flaw, which is tracked as CVE-2023-5528 and has a CVSS score of 7.2. […]
Mar 14, 2024NewsroomRansomware / Cyber Crime A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) with “conspiring with others to […]
Many wireless headsets using Bluetooth technology have vulnerabilities that may allow malicious individuals to covertly listen in on private conversations, Tarlogic Security researchers have demonstrated last week at RootedCON in Madrid. “Many of the examples presented during the conference were real tests on devices that attendees – most of them cybersecurity experts – were carrying […]
Two years ago, the Irish government fixed a vulnerability in its national COVID-19 vaccination portal that exposed the vaccination records of around a million residents. But details of the vulnerability weren’t revealed until this week after attempts to coordinate public disclosure with the government agency stalled and ended. Security researcher Aaron Costello said he discovered […]
The cryptocurrency company Tether seized $1.4 million on behalf of U.S. law enforcement investigating a tech support scam targeting elderly citizens, the company announced Tuesday — as it attempts to burnish its reputation amid accusations that its USDT coin is the currency of choice for online fraudsters. The U.S. Attorney’s Office of the Northern District […]
Critical Infrastructure Security , Cybercrime , Endpoint Security New Campaign Evades Security Tools to Deliver Agent Tesla Keylogger and XWorm RAT Prajeet Nair (@prajeetspeaks) • March 13, 2024 Threat actors are hiding malware in SVG image files to evade detection and deliver ransomware, download a banking Trojan and distribute malware. See Also: Live […]
Internet security experts have detected and blocked nearly 13,000 fake investment platform domains across more than 7000 IPs in January 2024, a 25% increase from December 2023. The figure comes amid growing concerns over the escalating threat of online investment scams, which continue to prey on unsuspecting individuals worldwide. According to data from the Federal Trade […]
Mar 14, 2024NewsroomContainer Security / Vulnerability Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher […]
PixPirate utilizes two apps, including a downloader and a hidden malware app, to steal information and automate fraudulent transactions on the popular Brazilian payment platform Pix.