Author Info

Kali Linux has launched its latest and final update of the year, version 2024.4, which introduces an impressive lineup of fourteen new tools, several improvements, updated features, and the deprecation of some older elements. New Tools in Kali Linux 2024.4 In this release, Kali continues its tradition of

Cybercriminals are targeting more than 200,000 YouTube creators with a sophisticated phishing attack, posing as well-known brands to deceive content creators worldwide. The campaign, discovered by cybersecurity firm Cloudsek, involves phishing emails that aim to compromise the creators' accounts through malware. Phishing Tactics: Emails with subject lines such

Discovery and Capabilities On December 13, 2024, cybersecurity experts revealed a sophisticated Linux rootkit named PUMAKIT, which has the capacity to escalate privileges, hide files and directories, and avoid detection by system tools. According to a report by Elastic Security Lab researchers Remco Sprooten and Ruben Groenewoud, PUMAKIT uses advanced

Germany’s Federal Office of Information Security (BSI) has successfully disrupted a large-scale malware operation known as BADBOX, which affected at least 30,000 internet-enabled devices sold across the country. This operation targeted outdated Android devices, including digital picture frames, media players, streamers, as well as potentially smartphones and tablets.

Iran-Linked Cyber Attack Targets US and Israeli Infrastructure with IOCONTROL Malware Iranian threat actors, identified by Claroty’s Team82, have leveraged a sophisticated piece of malware, known as IOCONTROL, to target Internet of Things (IoT) and Operational Technology (OT) systems within critical infrastructure in the United States and Israel. Cyber

Overview A sophisticated cyber campaign has resulted in the theft of over 390,000 WordPress credentials. A group known as MUT-1244 orchestrated this extensive year-long operation, targeting both malicious actors and cybersecurity professionals through a compromised WordPress credential utility. Research Discovery Datadog Security Labs identified the attack, noting that additional

Cleo, a leading provider of file-transfer software, has issued an urgent security warning urging users to patch an actively exploited vulnerability affecting its Harmony, VLTrader, and LexiCom products. This vulnerability, which allows unauthenticated users to execute arbitrary commands on the host system, has been observed in widespread exploitation across the

In a serious cybersecurity incident, Byte Federal, the leading Bitcoin ATM provider in the United States with approximately 1,200 machines, reported a breach compromising personal data of up to 58,000 users. Details of the Breach The breach, which took place on September 30, 2024, was not identified until

The U.S. Department of Justice (DoJ) has charged 14 North Korean individuals with involvement in a fraudulent scheme exploiting remote IT work to violate sanctions, engage in wire fraud, and commit money laundering and identity theft. These actions enabled North Korea to generate significant revenue over six years. Misleading