Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Iranian Cyber-Threat Group Drops New Backdoor, 'BugSleep'

The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear-phishing and legitimate remote management tools but is developing a brand-new homegrown tool set.

DARKReading
Open in Source
#vulnerability#web#cisco#git#intel#backdoor#perl#pdf#auth
'BadPack' APK Files Make Android Malware Hard to Detect

Manipulated header info within files, in mobile Trojans like TeaBot and others, makes it difficult for defenders to analyze and detect them.

Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024. "Customers who have activated their digital

Checking in on the state of cybersecurity and the Olympics

Even if a threat actor isn’t successful in some widespread breach that makes international headlines, even smaller-scale threats and actors are just hoping to cause chaos.

Impact of data breaches is fueling scam campaigns

Data breaches have become one of the most crucial threats to organizations across the globe, and they’ve only become more prevalent and serious over time.

The Stark Truth Behind the Resurgence of Russia’s Fin7

The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 -- setting up thousands of websites mimicking a range of media and technology companies -- with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.

15 vulnerabilities discovered in software development kit for wireless routers

Talos researchers discovered these vulnerabilities in the Jungle SDK while researching other vulnerabilities in the LevelOne WBR-6013 wireless router.

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target

Hidden between the tags: Insights into spammers’ evasion techniques in HTML Smuggling

Talos is releasing a new list of CyberChef recipes that enable faster and easier reversal of encoded JavaScript code contained in the observed HTML attachments.