Intel

A newly identified botnet, dubbed 'Eleven11bot,' has compromised over 86,000 Internet of Things (IoT) devices, including security cameras and network video recorders (NVRs), to execute distributed denial of service (DDoS) attacks. This botnet, which has potential connections to Iran, has already targeted telecommunication service providers and online

A sophisticated threat actor known as JavaGhost has been exploiting misconfigured AWS environments to gain unauthorized access and deploy phishing attacks. This group has been active for over five years, initially focusing on website defacement before shifting to phishing operations in 2022 for financial gain.

JavaGhost's Tactics in

Recent investigations have unveiled significant connections between the Black Basta and Cactus ransomware groups. Both factions have been found employing similar social engineering techniques and utilizing the BackConnect proxy malware to maintain access to compromised corporate networks.

Uncovering the Malware Links

In January, cybersecurity firm Zscaler identified a Zloader malware

Recent investigations have uncovered close to 12,000 valid secrets, including API keys and passwords, within the Common Crawl dataset. This dataset, utilized for training various artificial intelligence models, poses significant security concerns.

Understanding the Common Crawl Dataset

The Common Crawl organization maintains an extensive open-source repository containing petabytes of

Recent discoveries have revealed that ransomware groups are exploiting a vulnerability in the Paragon Partition Manager's BioNTdrv.sys driver. This flaw is being used in zero-day attacks to gain SYSTEM privileges on Windows systems, posing significant security risks.

Exploitation Through BYOVD Attacks

The identified vulnerabilities are being exploited

A recent cybersecurity investigation has exposed a large-scale phishing operation that employs fake CAPTCHA images embedded in PDF documents. These documents, hosted on Webflow's content delivery network (CDN), are used to deploy the Lumma Stealer malware.

Phishing Campaign Details

Netskope Threat Labs identified 260 unique domains hosting over

A newly identified Linux backdoor, named 'Auto-Color,' has been detected in cyberattacks targeting universities and government entities in North America and Asia between November and December 2024. This sophisticated malware, uncovered by researchers at Palo Alto Networks' Unit 42, is highly elusive and challenging to eradicate, enabling

A sophisticated malware operation known as GitVenom is leveraging hundreds of GitHub repositories to distribute info-stealers, remote access trojans (RATs), and clipboard hijackers. These malicious tools are designed to siphon off cryptocurrency and sensitive credentials from unsuspecting users.

Global Reach and Targeted Regions

According to cybersecurity firm Kaspersky, the GitVenom

Cybersecurity experts have identified a new iteration of the LightSpy malware, which now includes an expanded array of data collection capabilities targeting social media platforms such as Facebook and Instagram. Originally documented in 2020, LightSpy is a modular spyware designed to infiltrate both Windows and Apple systems to extract sensitive