Azorult Malware Resurgence: Dark Web Campaign Revealed
The notorious Azorult malware has resurfaced on the dark web again, demonstrating a renewed and sophisticated approach. First identified in 2016, Azorult operates as a…
Month: January 2024
EU amendment changes open source definition
An amendment to the EU Cyber Resilience Act (CRA) has changed the widely accepted definition of open source software, which has the potential to lead…
DDoS Strikes By Anonymous Collective
The Anonymous Collective has orchestrated an alleged cyberattack on Bahrain, pointing to the country’s support for the US and UK strikes on Yemen. According to…
Forescout Report Uncovers New Details in Danish Energy Hack
The potential involvement of Sandworm, the wider threat beyond attribution, the vulnerability of Zyxel firewalls and the focus on European energy firms call for improved…
GEICO Data Breach Leads Database Sale On Dark Web
A threat actor identified as ‘wangfei19860902055’ recently advertised the sale of a database related to Government Employees Insurance Company (GEICO) on a popular dark web…
Balada Injector continues to infect thousands of WordPress sites
Balada Injector continues to infect thousands of WordPress sites Pierluigi Paganini January 15, 2024 Balada Injector malware infected more than 7100 WordPress sites using a…
Living-off-Trusted-Sites (LOTS) – APT Hackers Abusing GitHub
Hackers use GitHub to access and manipulate source code repositories. GitHub hosts open-source projects, and unauthorized access allows hackers to inject malicious code, steal sensitive…
Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability
Jan 15, 2024NewsroomWebsite Security / Vulnerability Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware…
Attackers target Apache Hadoop and Flink to deliver cryptominers
Attackers target Apache Hadoop and Flink to deliver cryptominers Pierluigi Paganini January 15, 2024 Researchers devised a new attack that exploits misconfigurations in Apache Hadoop…
Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)
Juniper Networks has fixed a critical pre-authentication remote code execution (RCE) vulnerability (CVE-2024-21591) in Junos OS on SRX firewalls and EX switches. About CVE-2024-21591 CVE-2024-21591…
High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners
Jan 15, 2024NewsroomOperational Technology / Network Security Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully…
Alleged 2024 McDonald’s Data Breach Surfaces On Dark Web
In a developing story that underscores the persistent challenges of cybersecurity in the corporate world, an alleged new McDonald’s data breach was reported on Sunday,…