Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Russian UAC-0063 Targets Europe and Central Asia with Advanced Malware

UAC-0063: A Russian-linked threat actor targeting Central Asia and Europe with sophisticated cyberespionage campaigns, including weaponized documents, data…

HackRead
#mac#windows#microsoft#intel#backdoor#zero_day#firefox
Researchers Uncover Lazarus Group Admin Layer for C2 Servers

The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command-and-control servers from Pyongyang.

Exposed DeepSeek Database Revealed Chat Prompts and Internal Data

China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database.

Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers

VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats.

Mirai Variant 'Aquabot' Exploits Mitel Device Flaws

Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.

Whatsup Gold, Observium and Offis vulnerabilities

Cisco Talos’ Vulnerability Research team recently disclosed three vulnerabilities in Observium, three vulnerabilities in Offis, and four vulnerabilities in Whatsup Gold.    These vulnerabilities exist in Observium, a network observation and monitoring system; Offis DCMTK, a collection of libraries and applications implementing DICOM (Digital Imaging and Communications

The Trial at the Tip of the Terrorgram Iceberg

Atomwaffen Division cofounder and alleged Terrorgram Collective member Brandon Russell is facing a potential 20-year sentence for an alleged plot on a Baltimore electrical station. His case is only the beginning.

CrowdStrike Highlights Magnitude of Insider Risk

The impetus for CrowdStrike's new professional services came from last year's Famous Chollima threat actors, which used fake IT workers to infiltrate organizations and steal data.

Super Bowl LIX Could Be a Magnet for Cyberattacks

Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans.

Hackers Claim 2nd Breach at HP Enterprise, Plan to Sell Access

IntelBroker targets Hewlett-Packard Enterprise (HPE) again, claiming to have access to the company’s internal infrastructure and the possibility…