Clik here to view.
Microsoft Trusted Signing service abused to code-sign malware
Cybercriminals are abusing Microsoft’s Trusted Signing platform to code-sign malware executables with short-lived three-day certificates. Threat actors have long sought after code-signing certificates...
View ArticleClik here to view.
Cloudflare now blocks all unencrypted traffic to its API endpoints
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. The move prevents unencrypted API requests from being sent, even...
View ArticleClik here to view.
FBI warnings are true—fake file converters do push malware
The FBI is warning that fake online document converters are being used to steal peoples’ information and, in worst-case scenarios, to deploy ransomware on victims’ devices. The warning came last week...
View ArticleClik here to view.
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks
As businesses continue to migrate their operations to the cloud, maintaining and managing the security of these environments has become mission-critical. Microsoft 365 is a widely adopted suite of...
View ArticleClik here to view.
Police arrests 300 suspects linked to African cybercrime rings
African law enforcement authorities have arrested 306 suspects as part of ‘Operation Red Card,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal networks. Between November...
View ArticleClik here to view.
Critical flaw in Next.js lets hackers bypass authorization
A critical severity vulnerability has been discovered in the Next.js open-source web development framework, potentially allowing attackers to bypass authorization checks. The flaw, tracked as...
View ArticleClik here to view.
Chinese Weaver Ant hackers spied on telco network for 4 years
A China-linked advanced threat group named Weaver Ant spent more than four years in the network of a telecommunications services provider, hiding traffic and infrastructure with the help of...
View ArticleClik here to view.
Cyberattack takes down Ukrainian state railway’s online services
Ukrzaliznytsia, Ukraine’s national railway operator, has been hit by a massive cyberattack that disrupted online services for buying tickets both through mobile apps and the website. The incident...
View ArticleClik here to view.
DrayTek routers worldwide go into reboot loops over weekend
Many Internet service providers (ISPs) worldwide are alerting customers of an outage that started Saturday night and triggered DrayTek router connectivity problems. Those affected by this incident...
View ArticleClik here to view.
23andMe files for bankruptcy, customers advised to delete DNA data
California-based genetic testing provider 23andMe has filed for Chapter 11 bankruptcy and plans to sell its assets following years of financial struggles. 23andMe has been providing...
View ArticleClik here to view.
New VanHelsing ransomware targets Windows, ARM, ESXi systems
A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems. VanHelsing was first promoted on underground...
View ArticleClik here to view.
New Android malware uses Microsoft’s .NET MAUI to evade detection
New Android malware campaigns use Microsoft’s cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. The tactic was observed by McAfee’s Mobile Research Team, a...
View ArticleClik here to view.
Browser-in-the-Browser attacks target CS2 players’ Steam accounts
A new phishing campaign targets Counter-Strike 2 players utilizing Browser-in-the-Browser (BitB) attacks that display a realistic window that mimics Steam’s login page. The attackers impersonate the...
View ArticleClik here to view.
EncryptHub linked to MMC zero-day attacks on Windows systems
A threat actor known as EncryptHub has been linked to Windows zero-day attacks exploiting a Microsoft Management Console vulnerability patched this month. Uncovered by Trend Micro staff researcher...
View ArticleClik here to view.
New Windows zero-day leaks NTLM hashes, gets unofficial patch
Free unofficial patches are available for a new Windows zero-day vulnerability that can let remote attackers steal NTLM credentials by tricking targets into viewing malicious files in Windows...
View ArticleClik here to view.
Broadcom warns of authentication bypass in VMware Windows Tools
Broadcom released security updates today to fix a high-severity authentication bypass vulnerability in VMware Tools for Windows. VMware Tools is a suite of drivers and utilities designed to improve...
View ArticleClik here to view.
Cloudflare R2 service outage caused by password rotation error
Cloudflare announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. Cloudflare R2 is a...
View ArticleClik here to view.
CrushFTP warns users to patch unauthenticated access flaw immediately
CrushFTP warned customers of an unauthenticated HTTP(S) port access vulnerability and urged them to patch their servers immediately. As the company also explained in an email sent to customers on...
View ArticleClik here to view.
Google fixes Chrome zero-day exploited in espionage campaign
Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser’s sandbox and deploy malware in espionage attacks targeting Russian media outlets and education...
View ArticleClik here to view.
New npm attack poisons local packages with backdoors
Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. This way, even if the...
View Article