Intel

Microsoft Bolsters Security with December 2024 Patch Tuesday Fixes In its December 2024 Patch Tuesday release, Microsoft has addressed 71 security vulnerabilities across a range of products, including Windows, Office, SharePoint Server, and more. This patch includes a critical fix for an actively exploited zero-day vulnerability. Total Addressed: 71 vulnerabilities

A New Threat to Browser Isolation Security Recent research exposes a method for compromising browser isolation using QR codes, potentially facilitating malicious communication with infected devices. Research Team Experts at Mandiant have unveiled a technique that subverts browser isolation—whether remote, on-premises, or local—by using QR codes to transmit

The criminal group behind Black Basta ransomware has recently incorporated new social engineering strategies, deploying malicious payloads including Zbot and DarkGate since October 2024. This evolution indicates a more sophisticated approach in their methods of attack. Key Tactics and Techniques Email Bombing: Black Basta initiates their attacks by overwhelming target

Radiant Capital has attributed a $50 million cryptocurrency theft to North Korean hackers following an October 16 security breach. This investigation, supported by cybersecurity firm Mandiant, links the attack to a group known as Citrine Sleet, also referred to as UNC4736 or "AppleJeus," which is reportedly affiliated with

A recent cybersecurity investigation has uncovered that the ultralytics AI library was compromised, resulting in the distribution of a cryptocurrency mining program. Compromise Details According to ReversingLabs, the breach stemmed from a vulnerable GitHub Actions script within the library’s build environment. This particular vulnerability allowed attackers to inject malicious

In a recent investigation, the Federal Security Service (FSB) of Russia is accused of surveilling a Russian programmer, Kirill Parubets, by embedding spyware on his mobile device. The findings were reported by First Department in collaboration with the University of Toronto's Citizen Lab. Detention and Surveillance: Kirill Parubets

A sophisticated cyberattack campaign is now targeting those in the Web3 sector through a phony video conferencing platform, affecting both Windows and macOS systems with malicious software designed to steal cryptocurrency. The "Meeten" Campaign Identified by Cado Security Labs, this cyber threat has been named "Meeten"

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently expanded its Known Exploited Vulnerabilities (KEV) catalog by adding several critical vulnerabilities that are currently being exploited. These affect Zyxel, North Grid Proself, ProjectSend, and CyberPanel products. Identified Vulnerabilities CVE-2024-51378: Rated with a CVSS score of 10.0, this

Recently, the SmokeLoader malware has re-emerged, targeting key industries in Taiwan, including manufacturing, healthcare, and information technology. This latest threat highlights the malware's capacity to conduct complex attacks through its modular design. Fortinet FortiGuard Labs reports that SmokeLoader is exploiting its flexibility to execute attacks autonomously by downloading