The HIUPAN worm allows Earth Preta to propagate malware into networks via removable drives, maintaining persistence by modifying registry values and creating autorun entries.
According to an FBI report, cryptocurrency scams surged in 2023, leading to victims reporting $5. 6 billion in financial losses associated with crypto schemes, a 45% increase from the previous year.
Imagine a world where you never have to remember another password. Seems like a dream come true for both end users and IT teams, right? But as the old saying goes, “If it sounds too good to be true, it probably is.” If your organization is like many, you may be contemplating a move to […]
The flaw, rated 7. 8 on the CVSS scale, involves a heap-based buffer overflow in the Desktop Window Manager core library, allowing attackers to execute arbitrary code with SYSTEM privileges.
The initial infection involves downloading a malicious package containing a legit CapCut app, JamPlus utility, and a malicious script. The script triggers the download and execution of the final payload from a remote server.
Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments. “The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews,” ReversingLabs researcher Karlo Zanki said. The activity has been […]
The agency is losing nearly a fifth of its cyber capacity annually due to a broken pay system, leading to increased costs with temporary labor and consultants making up over 10% of its budget.
Zyxel has released critical hotfixes for its end-of-support NAS devices, NAS326 and NAS542, to address a severe command injection vulnerability (CVE-2024-6342) with a CVSS score of 9. 8.
Checkmarx researchers discovered two XSS vulnerabilities on Gallup’s polling site, which could allow attackers to access sensitive data, execute arbitrary code, or take over accounts.