Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver

Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous installer ("HotPage.exe"), according to new findings from ESET. The

The Hacker News
#web#windows#microsoft#cisco#git#auth#The Hacker News
TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America,

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0. "This vulnerability is due to improper

Iranian Cyber-Threat Group Drops New Backdoor, 'BugSleep'

The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear-phishing and legitimate remote management tools but is developing a brand-new homegrown tool set.

'BadPack' APK Files Make Android Malware Hard to Detect

Manipulated header info within files, in mobile Trojans like TeaBot and others, makes it difficult for defenders to analyze and detect them.

Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024. "Customers who have activated their digital

Checking in on the state of cybersecurity and the Olympics

Even if a threat actor isn’t successful in some widespread breach that makes international headlines, even smaller-scale threats and actors are just hoping to cause chaos.

Impact of data breaches is fueling scam campaigns

Data breaches have become one of the most crucial threats to organizations across the globe, and they’ve only become more prevalent and serious over time.

The Stark Truth Behind the Resurgence of Russia’s Fin7

The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 -- setting up thousands of websites mimicking a range of media and technology companies -- with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.