Intel

The Russian cybercrime group known as RomCom has recently launched attacks using two zero-day vulnerabilities affecting Firefox and Tor Browser users in Europe and North America. These attacks were meticulously crafted to target specific industries, exploiting security flaws to gain unauthorized access to systems.

Firefox Zero-Day (CVE-2024-9680)

This vulnerability, identified

Critical Vulnerability Exploited in Array Networks SSL VPN Products

Hackers have been found exploiting a critical vulnerability in Array Networks' SSL VPN products, as confirmed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This vulnerability, identified as CVE-2023-28461, affects both Array AG Series hardware and vxAG virtual

The Python Package Index (PyPI) maintainers have quarantined the "aiocpa" library after discovering its latest update contained malicious code designed to steal private keys through a Telegram bot.

Package Details

"aiocpa" is recognized as a synchronous and asynchronous Crypto Pay API client, with its initial release

Recent findings reveal that cybercriminals are exploiting an outdated Avast Anti-Rootkit driver to bypass security systems by disabling critical defense mechanisms. This approach allows threat actors to gain control of targeted computers, putting sensitive data and systems at risk.

Malware Tactics

The attack utilizes a variant of an AV Killer,

Researchers from Microsoft have uncovered that a North Korean hacking group, known as Sapphire Sleet, has pilfered over $10 million in cryptocurrency through an elaborate LinkedIn-driven social engineering scheme. Over six months, operatives associated with the hermit nation executed operations leveraging fake LinkedIn profiles while pretending to be both recruiters

Russian APT28 Hackers Exploit US Company Wi-Fi from Afar

In a remarkable demonstration of their capabilities, Russian cyber espionage group APT28, also known as Fancy Bear and linked to Russia's military intelligence agency GRU, successfully infiltrated a U.S. company's Wi-Fi network from a distant location.

Fake NFT App Exploits Defender and 2FA, Draining $24K in Cryptocurrency

In a recent cybersecurity incident, crafty malware managed to bypass Microsoft Defender and two-factor authentication (2FA), leading to the theft of $24,000 in cryptocurrency. The breach was facilitated through a fake NFT game application, according to findings by

New Linux Threats

Two newly identified malware strains, WolfsBane and FireWood, have been detected targeting Linux systems, as revealed in recent research by cybersecurity firm ESET. These sophisticated tools have been linked to the Gelsemium Advanced Persistent Threat (APT) group, known for cyber espionage activities in sectors such as government,