New PyLoose Linux malware mines crypto directly from memory
A new fileless malware named PyLoose has been targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. PyLoose is a relatively simple…
Month: July 2023
Exploitable Flaws in QuickBlox Framework Expose Millions of User Records
In a joint research effort, Check Point Research (CPR) and Claroty Team82 found multiple security flaws in the QuickBlox framework. QuickBlox is a popular chat…
Apple re-releases zero-day patch after fixing browsing issue
Apple fixed and re-released emergency security updates addressing a WebKit zero-day vulnerability exploited in attacks. The initial patches had to be withdrawn on Monday due…
New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs
The malware campaign, exploiting two known vulnerabilities including Follina, has been discovered by cybersecurity researchers at FortiGuard Labs. FortiGuard Labs recently uncovered a concerning discovery…
How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s Kingdom
But exactly how such a sensitive key, allowing such broad access, could be stolen in the first place remains unknown. WIRED contacted Microsoft, but the…
SonicWall warns admins to patch critical auth bypass bugs immediately
SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company’s Global Management System (GMS) firewall management and Analytics network reporting engine software…
New Windows 11 build ships with more Rust-based Kernel features
Microsoft announced that the latest Windows 11 build shipping to Insiders in the Canary channel comes with additional Windows Kernel components rewritten in the memory…
Orca Sues Wiz Over Alleged Cloud Security Patent Violations
The simmering rivalry between Israeli cloud security unicorns Orca and Wiz erupted in the open Wednesday with Orca filing a dramatic lawsuit claiming patent infringements,…
Russian state hackers lure Western diplomats with BMW car ads
The Russian state-sponsored hacking group ‘APT29’ (aka Nobelium, Cloaked Ursa) has been using unconventional lures like car listings to entice diplomats in Ukraine to click…
Chinese Group Storm-0558 Hacked European Govt Emails, Microsoft
Microsoft has recently uncovered a sophisticated intrusion campaign carried out by a China-based threat actor, identified as Storm-0558. This campaign successfully gained access to email…
(ISC)² expands its diversity, equity and inclusion (DEI) partner network
(ISC)² expanded its diversity, equity, and inclusion (DEI) partner network, cementing its commitment to fostering greater diversity within the cybersecurity field. Following the initial announcement…
Cl0p hacker operating from Russia-Ukraine war front lineSecurity Affairs
CyberNews researchers discovered that at least one of the Cl0p ransomware gang masterminds is still residing in Ukraine. Original post at: https://cybernews.com/security/cl0p-hacker-hides-in-ukraine/ As the Cl0p…