Researchers unearth two previously unknown Linux backdoors
ESET researchers have identified multiple samples of two previously unknown Linux backdoors: WolfsBane and FireWood. The goal of the backdoors and tools discovered is cyberespionage…
Month: November 2024
Now BlueSky hit with crypto scams as it crosses 20 million users
As many more users are flocking to BlueSky from social media platforms like X/Twitter, so are threat actors. BleepingComputer has spotted cryptocurrency scams popping up…
CISA Warns of VMware VCenter Vulnerabilities Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding two newly discovered vulnerabilities in VMware’s vCenter Server. These vulnerabilities, identified as…
HiddenLayer Automated Red Teaming prevents malicious manipulation of AI models
HiddenLayer launched Automated Red Teaming solution for artificial intelligence, a transformative tool that enables security teams to rapidly and thoroughly assess generative AI system vulnerabilities.…
5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme
Nov 21, 2024Ravie LakshmananCryptocurrency / Identity Theft Five alleged members of the infamous Scattered Spider cybercrime crew have been indicted in the U.S. for targeting…
Authorities Charged 5 Hackers For Attacking Companies via Phishing Text Messages
Federal authorities have unveiled criminal charges against 5 individuals accused of directing a sophisticated phishing scheme targeting employees of companies across the United States. The…
5 Hackers Charged for Attacking Companies via Phishing Text Messages
Federal authorities have unsealed charges against five individuals accused of orchestrating sophisticated phishing schemes that targeted employees of companies across the United States. The alleged…
Ukrainian cyberwar experience becomes blueprint for TRYZUB cyber training service
The Computer Emergency Response Team of Ukraine (CERT-UA), part of the State Service of Special Communications and Information Protection (SSSCIP), has joined forces with the…
Malicious PyPi Package Mimic ChatGPT & Claude Steals Developers Data
Kaspersky’s Global Research and Analysis Team (GReAT) has recently uncovered a sophisticated supply chain attack targeting the Python Package Index (PyPI). The attack, which remained…
Google’s AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects
Nov 21, 2024Ravie LakshmananArtificial Intelligence / Software Security Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities…
Decade-old local privilege escalation bugs impacts Ubuntu needrestart package
Decade-old local privilege escalation bugs impacts Ubuntu needrestart package Pierluigi Paganini November 21, 2024 Decade-old flaws in the needrestart package in Ubuntu Server could allow…
Critical Kubernetes Vulnerability Let Attackers Execute Arbitrary Commands
A high-severity security vulnerability in Kubernetes has been discovered, potentially allowing attackers to execute arbitrary commands beyond container boundaries. The vulnerability has been tracked as…