Intel
ESET researchers have unveiled a cyberespionage operation carried out by PlushDaemon, a China-aligned Advanced Persistent Threat (APT) group. The operation involved compromising the software supply chain of a South Korean VPN product in 2023: the attackers replaced the legitimate installer with one that also deployed a sophisticated backdoor known as

A critical flaw in the 7-Zip compression tool has been fixed, addressing a vulnerability that allowed attackers to bypass the Windows Mark of the Web (MotW) security feature, posing significant risks to users. Because the MotW attribute was not propagated to files extracted from a nested archive, malicious code in those files could run without the warning that MotW normally triggers.
MotW Support and Risks
Since
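The practical check after a fix like this is whether files that come out of an archive still carry the mark. Windows stores MotW in an NTFS alternate data stream named Zone.Identifier, and a file without it (or with a trusted ZoneId) opens with none of the SmartScreen or Protected View checks the mark triggers. The script below is an added example, not code from the article or from 7-Zip: it walks an extraction directory and reports every file lacking an untrusted-zone mark. The function names and the sample stream content in the docstring are this example's own; the "name:Zone.Identifier" path form only works on NTFS, so on other file systems every file is reported as unmarked.

```python
"""Report extracted files that do not carry the Windows Mark of the Web.

Added example, not code from the article or from 7-Zip. Windows writes the
mark into an NTFS alternate data stream called Zone.Identifier. Run this
over an archive's extraction directory to see which files came out unmarked.
"""
import os
from pathlib import Path
from typing import Optional

# URL security zone ids as written by Windows into the ZoneId= line.
ZONE_NAMES = {0: "LocalMachine", 1: "LocalIntranet", 2: "TrustedSites",
              3: "Internet", 4: "RestrictedSites"}


def parse_zone_identifier(text: str) -> Optional[int]:
    """Return the ZoneId from Zone.Identifier stream content, or None.

    The stream is INI-style; a constructed sample looks like:
        [ZoneTransfer]
        ZoneId=3
        ReferrerUrl=https://example.test/
        HostUrl=https://example.test/payload.7z
    """
    in_zone_transfer = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_zone_transfer = line[1:-1].strip().lower() == "zonetransfer"
            continue
        if in_zone_transfer:
            key, sep, value = line.partition("=")
            if sep and key.strip().lower() == "zoneid":
                try:
                    return int(value.strip())
                except ValueError:
                    return None
    return None


def is_marked_untrusted(zone_id: Optional[int]) -> bool:
    """True when the zone is one Windows treats as untrusted (Internet or
    RestrictedSites). A missing stream or a local/intranet zone is no mark."""
    return zone_id in (3, 4)


def read_zone_id(path: Path) -> Optional[int]:
    """Read the file's Zone.Identifier ADS; None if absent or unsupported."""
    try:
        with open(f"{path}:Zone.Identifier", encoding="utf-8", errors="replace") as f:
            return parse_zone_identifier(f.read())
    except OSError:  # no such stream, or not an NTFS volume
        return None


def unmarked_files(root: Path) -> list[Path]:
    """All files below root (recursively) that lack an untrusted-zone mark."""
    unmarked = []
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            p = Path(dirpath) / name
            if not is_marked_untrusted(read_zone_id(p)):
                unmarked.append(p)
    return sorted(unmarked)


if __name__ == "__main__":
    import sys
    target = Path(sys.argv[1] if len(sys.argv) > 1 else ".")
    for p in unmarked_files(target):
        zone = read_zone_id(p)
        label = "no Zone.Identifier" if zone is None else ZONE_NAMES.get(zone, str(zone))
        print(f"{p}: {label}")
```

Extract a downloaded archive containing an inner archive with the fixed and an unfixed 7-Zip build and run the script over both output trees; the unfixed build leaves the inner archive's contents without a stream. 7-Zip does not update itself, so the fix only reaches machines where the new build was installed by hand, which is worth checking before trusting the result.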
Cybersecurity researchers have once again unearthed a cunning scheme where threat actors are misusing Google ads to disseminate malware. This time, the attackers have created a counterfeit Homebrew website designed to infiltrate both Mac and Linux systems with an infostealer. This malware seeks to harvest credentials, browser information, and cryptocurrency
A significant breach of AT&T's network by the Chinese state-sponsored group Salt Typhoon has led to unauthorized access to sensitive U.S. telecommunications data. The intrusion went undetected for more than 18 months, until 2023, and exposed critical communications metadata of FBI informants, potentially creating a crisis for

The continuing devastation of the California wildfires has given rise to another threat—cybercriminals seeking to exploit the disaster. These malicious actors are leveraging the chaos, using sophisticated phishing tactics to deceive those impacted by the fires.
New Domains Mimic Legitimate Services
Researchers at Veriti have discovered a proliferation of

A recently corrected vulnerability has come to light, highlighting a flaw in the Secure Boot mechanism of Unified Extensible Firmware Interface (UEFI) systems. This issue, tracked as CVE-2024-7344 with a CVSS score of 6.7, involves an application signed with Microsoft's third-party UEFI certificate from 2011, as reported

A sophisticated botnet comprising 13,000 MikroTik devices is leveraging domain name system (DNS) misconfigurations to circumvent email security measures and disseminate malware. The perpetrators exploit weaknesses in the Sender Policy Framework (SPF) records of roughly 20,000 web domains to achieve this.
Exploiting SPF Misconfiguration
Security experts at Infoblox have
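The teaser does not say which SPF weakness the botnet relied on, so the example below, added here and not taken from the article or from Infoblox, checks the general conditions under which an SPF record stops rejecting forged senders per RFC 7208: a terminal "+all" (a bare "all" defaults to "+"), a neutral "?all", no "all" mechanism at all, and mechanisms placed after "all" that are never evaluated. The `.example` domains and their records are constructed samples, and `evaluate_spf` and `audit` are this example's own names; in practice the record string is the domain's TXT record beginning with v=spf1.

```python
"""Flag SPF records that authorize arbitrary hosts to send mail for a domain.

Added example, not code from the article or from Infoblox. Evaluates the
syntax of a single SPF record against the RFC 7208 rules that decide whether
a forged sender can obtain a Pass or at least avoid a Fail.
"""
from dataclasses import dataclass, field

QUALIFIERS = "+-~?"


@dataclass
class SpfFinding:
    record: str
    problems: list[str] = field(default_factory=list)
    spoofable: bool = False  # True when any host gets an SPF Pass


def evaluate_spf(record: str) -> SpfFinding:
    finding = SpfFinding(record)
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        finding.problems.append("not an SPF record: missing v=spf1 version tag")
        return finding

    seen_all = False
    has_redirect = False
    for term in terms[1:]:
        if seen_all:
            finding.problems.append(f"term after 'all' is never evaluated: {term}")
            continue
        # Modifiers look like name=value (redirect=, exp=); they carry no qualifier.
        head = term.split(":", 1)[0].split("/", 1)[0]
        if "=" in head:
            if head.split("=", 1)[0].lower() == "redirect":
                has_redirect = True
            continue
        qualifier, body = "+", term
        if term[0] in QUALIFIERS:
            qualifier, body = term[0], term[1:]
        mechanism = body.split(":", 1)[0].split("/", 1)[0].lower()
        if mechanism == "all":
            seen_all = True
            if qualifier == "+":
                finding.spoofable = True
                finding.problems.append("'+all' (or bare 'all') returns Pass for every sender")
            elif qualifier == "?":
                finding.problems.append("'?all' is Neutral: forged senders are never rejected")
        elif mechanism == "ptr":
            finding.problems.append("'ptr' mechanism is deprecated by RFC 7208 and unreliable")
    if not seen_all and not has_redirect:
        finding.problems.append("no terminal 'all' and no redirect=: unmatched senders get Neutral")
    return finding


# Constructed sample records (not any real domain's DNS data).
SAMPLE_RECORDS = {
    "good.example": "v=spf1 ip4:192.0.2.0/24 include:_spf.mail.example -all",
    "open.example": "v=spf1 include:_spf.mail.example +all",
    "bare.example": "v=spf1 mx all",
    "neutral.example": "v=spf1 ip4:198.51.100.7 ?all",
    "noall.example": "v=spf1 ip4:198.51.100.7",
    "ordered.example": "v=spf1 -all ip4:198.51.100.7",
}


def audit(records: dict[str, str]) -> dict[str, SpfFinding]:
    """Evaluate every record; the caller decides what to do with the findings."""
    return {domain: evaluate_spf(rec) for domain, rec in records.items()}


if __name__ == "__main__":
    for domain, finding in audit(SAMPLE_RECORDS).items():
        status = "SPOOFABLE" if finding.spoofable else ("weak" if finding.problems else "ok")
        print(f"{domain:18} {status:10} {finding.record}")
        for p in finding.problems:
            print(f"{'':18} - {p}")
```

The check is deliberately local: it does not resolve include: or redirect= targets, so a record ending in -all is only as tight as every record it pulls in, and a permissive include is the same hole one level down. Receivers that enforce DMARC still need SPF Pass or DKIM alignment, which is why a "+all" record matters: it hands the spoofed message a Pass and makes the rest of the policy irrelevant.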

FBI Neutralizes PlugX Malware Using Its Own Self-Destruct Feature
In an unprecedented collaboration, the FBI and French law enforcement have successfully removed the PlugX malware from over 4,200 computers in the United States. Leveraging the malware’s innate self-delete mechanism, authorities dismantled this notorious China-linked remote access trojan (RAT)

New Rsync Vulnerabilities Threaten Over 660,000 Exposed Servers
A series of newly identified vulnerabilities has left more than 660,000 Internet-exposed Rsync servers at risk of remote code execution, including a critical heap-buffer overflow. This open-source utility, known for its efficient file synchronization and data transfer capabilities, is