A threat actor is using password “cracking” software for programmable logic controllers to infect industrial control systems (ICS) and turn them into a botnet (PLCs). The PLC and HMI (human-machine interface) terminals from Automation Direct, Omron, Siemens, Fuji Electric, Mitsubishi,…
Security experts have discovered a large-scale operation that searched over 1.6 million WordPress websites for the presence of a flaky plugin that permits file uploads without authentication. The Kaswara Modern WPBakery Page Builder, which was abandoned by its creator prior…
Only appearing a month ago, MaliBot has already established itself as one of the most common malware strains that targets Android users. One of the most pervasive risks to Android users has recently been a potent banking malware that was…
Gangs Target Big Businesses in the U.S., Europe, and Asia The Brute Ratel pentesting tool with remote access features has been added to the ransomware gang behind BlackCat’s updated arsenal. Sophos’ threat researchers claim to have been following this ransomware…
A recent use-after-free vulnerability in Google Chrome’s WebGPU standard was found by Cisco Talos. Cross-platform web browser Google Chrome is built on the open-source Chromium code, which is used by Google and other software companies to construct their own browsers.…
At a Glance: Cisco Talos has been tracking a new malicious campaign operated by the Transparent Tribe APT group. This campaign involves the targeting of educational institutions and students in the Indian subcontinent, a deviation from the adversary’s typical focus…
Over 3,000,000 people downloaded a new Android malware family from the Google Play Store that discreetly subscribes users to premium services. Maxime Ingrao, an Evina security researcher, found the malware, known as “Autolycos,” in at least eight Android applications, of…
The hundreds of significant health data breaches disclosed to federal regulators so far this year are dominated by ransomware incidents and breaches involving commercial partners that affect millions of people. The patterns highlight a worrying weakness for the healthcare sector,…
The information-stealing malware known as ChromeLoader has undergone recent iterations, showing how quickly its feature set has changed. ChromeLoader was discovered in January 2022 and has been disseminated as ISO or DMG file downloads promoted using QR codes on Twitter…
The ‘Lilith’ ransomware campaign has only begun, and it has already placed its first victim on a data leak website designed to facilitate double-extortion attempts. For 64-bit versions of Windows, JAMESWT discovered Lilith, a C/C++ console-based ransomware. Lilith conducts double-extortions…
