Apr 18, 2024NewsroomMalvertising / Endpoint Security A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push these domains to the top of search […]
John Grant has shared a controversial new single from his much-anticipated new album The Art Of The Lie, due out June 14 via [PIAS] Recordings. The sumptuous, synth-laden single and LP highlight ‘The Child Catcher‘ sees Grant meditating on the mental stain left on anyone who encounted the demonic villain of the film ‘Chitty Chitty Bang Bang’, who would entice children […]
Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.
Apr 17, 2024NewsroomRansomware / Cyber Espionage A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent threat (APT) group tracked as Sandworm (aka […]
Russia is trying to sabotage European railways, Czech minister said Pierluigi Paganini April 16, 2024 Czech transport minister warned that Russia conducted ‘thousands’ of attempts to sabotage railways, attempting to interfere with train networks and signals. Early this month, the Czech transport minister Martin Kupka warned that Russia has conducted ‘thousands’ of attempts to sabotage […]
Russian nation-state group Sandworm is believed to be utilizing a novel backdoor to target organizations in Ukraine and other Eastern and Central European countries, according to WithSecure researchers. The previously unreported backdoor, dubbed ‘Kapeka’, has a high level of stealth and sophistication, designed to both serve as an early-stage toolkit for its operators, and also […]
A measure led by two House Republicans would enable the Environmental Protection Agency to certify a governing body to develop and recommend cybersecurity requirements for water treatment and wastewater systems. Reps. Rick Crawford, R-Ark. and John Duarte, R-Calif. unveiled the Water Risk and Resilience Organization Establishment Act on Thursday, with the aim of creating an […]
Apr 17, 2024NewsroomEncryption / Vulnerability Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account. Armed […]
The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide range of uses, GenAI tools make it easier for developers […]
- 1
- 2