A groundbreaking security assessment of iOS find my team discovered a new attack surface that allows hackers to tinker with the firmware and load…
General
General
Eternity Project: A Threat Actor’s Swiss Army Knife
Threat actors have unveiled a new all-in-one cybercrime solution that is said to benefit both sophisticated and low-level attackers. The new malware-as-a-service, dubbed ‘Eternity…
General
India demands that VPNs, VPS providers, and cryptocurrency exchanges log user data
According to reports, India now requires data logging from all VPNs, cryptocurrency exchanges and services, VPS providers, and cloud data centre providers. The country…
General
Malware being sold on Telegram as part of the “Eternity project”
An unknown threat actor has been identified as the developer of a malware toolkit called the “Eternity Project”. The malware allows professional and amateur…
General
Zyxel rolls out patches for critical firewall OS command injection vulnerability
Zyxel has patched a serious flaw plaguing Zyxel firewall devices, which allows unauthenticated and remote attackers to execute code arbitrarily. “A command injection vulnerability…
General
Several WordPress websites were attacked; visitors were redirected to corrupt websites
Cybersecurity researchers have revealed a campaign entailing the injection of malicious JavaScript code into affected WordPress websites. The affected websites redirect visitors to fake…
General
Ransomware and cryptocurrency crime are the focus for a new DOJ team.
While no security officer would rely only on this, it’s encouraging to hear that the US Department of Justice is stepping up its efforts…
General
German companies are being targeted with malicious NPM packages
Cybersecurity researchers have found several malicious packages in the NPM registry, and these packages have been targeting big German companies to execute supply chain…
General
Microsoft fixes vulnerability plaguing Azure Synapse and Data Factory
On Monday, Microsoft said it patched a vulnerability plaguing Azure Synapse and Azure Data Factory. Further, Microsoft said, if the vulnerability was successfully exploited,…
General
A fresh perspective on “fileless” malware: Event logs carrying harmful code
Security researchers have discovered a malicious campaign that stores malware in Windows event logs, a technique that has never been publicly described for attacks…