Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool

The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access and persistence on targeted networks

DARKReading
#windows#microsoft#cisco#git#intel#auth
Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. "There are indications that CVE-2024-36971 may be under limited, targeted exploitation," the tech giant noted in its monthly Android security

China's Evasive Panda Attacks ISP to Send Malicious Software Updates

The APT used DNS poisoning to install the Macma backdoor on targeted networks and then deliver malware to steal data via post-exploitation activity.

Ryan Pentney reflects on 10 years of Talos and his many roles from the Sourcefire days

Pentney and his team are threat hunters and researchers who contribute to Talos’ research and reports shared with government and private sector partners.

China's APT41 Targets Taiwan Research Institute for Cyber Espionage

The state-sponsored Chinese threat actor gained access to three systems and stole at least some research data around computing and related technologies.

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 2023 to deliver a variety of backdoors and post-compromise tools like ShadowPad and Cobalt Strike. It has been attributed

Black Basta Develops Custom Malware in Wake of Qakbot Takedown

The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools to optimize its most recent attacks.

Attackers Hijack Facebook Pages, Promote Malicious AI Photo Editor

A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer.

There is no real fix to the security issues recently found in GitHub and other similar software

The lesson for users, especially if you’re a private company that primarily uses GitHub, is just to understand the inherent dangers of using open-source software.