Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Defending OT Requires Agility, Proactive Controls

As attackers set their sights on infrastructure, security teams need to reduce risk levels without compromising operational agility.

DARKReading
Open in Source
#vulnerability#web#ios#git#intel#auth
Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks

The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books.

AI device Rabbit r1 logged user interactions without an option to erase them before selling

Rabbit has introduced an option to erase all data from the r1 device before selling it on, but what if you lose it or it gets stolen?

'Konfety' Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins

Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a Russia-based ad network called CaramelAds. "Konfety represents a new form of

Malicious npm Packages Found Using Image Files to Hide Backdoor Code

Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server. The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have been taken down by the npm security team. "They

Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks

The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management (RMM) software for maintaining persistent access. That's according to independent findings from cybersecurity firms Check Point and Sekoia, which have

Ubuntu Security Notice USN-6898-1

Ubuntu Security Notice 6898-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

'Trial' DDoS Attacks on French Sites Portend Greater Olympics Threats

Russian hacktivists claim DDoS attacks against basic tourist websites. Is it real, or just smoke and mirrors?

US Senators Secretly Work to Block Safeguards Against Surveillance Abuse

Senator Mark Warner is trying to pass new limits on when the government can wiretap Americans. At least two senators are quietly trying to stop him.

Disney “breached”, data dumped online

Hacktivists claim they have stolen 1.2 TB of data from Disney's developer Slack channels.