Microsoft has issued a warning about a new version of the srv botnet, which is exploiting several vulnerabilities in web applications and databases. The vulnerability can lead to the installation of coin miners on both Windows and Linux systems. The…
A groundbreaking security assessment of iOS find my team discovered a new attack surface that allows hackers to tinker with the firmware and load malware onto a Bluetooth chip that runs while the iPhone is turned off. When adopting a…
Threat actors have unveiled a new all-in-one cybercrime solution that is said to benefit both sophisticated and low-level attackers. The new malware-as-a-service, dubbed ‘Eternity Project,’ may be configured with different modules depending on the type of attack being carried out.…
According to reports, India now requires data logging from all VPNs, cryptocurrency exchanges and services, VPS providers, and cloud data centre providers. The country has also requested that the relevant services keep users’ personal information and activity records for a…
An unknown threat actor has been identified as the developer of a malware toolkit called the “Eternity Project”. The malware allows professional and amateur cybercriminals to buy stealers, clippers, worms, miners, ransomware, and a distributed denial-of-service (DDoS) bot. The malware-as-a-service(MaaS)…
Zyxel has patched a serious flaw plaguing Zyxel firewall devices, which allows unauthenticated and remote attackers to execute code arbitrarily. “A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files…
Cybersecurity researchers have revealed a campaign entailing the injection of malicious JavaScript code into affected WordPress websites. The affected websites redirect visitors to fake pages and other infected websites to create illegitimate traffic. “The websites all shared a common issue…
While no security officer would rely only on this, it’s encouraging to hear that the US Department of Justice is stepping up its efforts to combat cybercrime. New efforts will focus on ransomware and cryptocurrency occurrences, according to Deputy Attorney…
Cybersecurity researchers have found several malicious packages in the NPM registry, and these packages have been targeting big German companies to execute supply chain attacks. “Compared with most malware found in the NPM repository, this payload seems particularly dangerous: a…
On Monday, Microsoft said it patched a vulnerability plaguing Azure Synapse and Azure Data Factory. Further, Microsoft said, if the vulnerability was successfully exploited, it could lead to remote code execution. Researchers from Orca Security have codenamed the vulnerability, labelled…
