US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms
Authorities around the world seized more than 50 websites associated with DDoS “booter” services. Source link
Author: Cybernoz
The surveillance law Congress can’t quit — and can’t explain
Congress is grappling with renewal of a surveillance law set to expire at the end of this month that critics say is a mystery on…
Another Microsoft Defender privilege escalation bug emerges days after patch
Second Defender-based LPE in days The Defender flaw addressed earlier this week as part of Patch Tuesday was one of the two zero-day bugs Microsoft…
Your Supply Chain Breach Is Someone Else’s Payday
TeamPCP exploited a single stolen credential to gain write access to trusted software repositories, inject credential-harvesting malware, and cascade across five ecosystems in five days.…
Analyzing a Malicious Advanced IP Scanner Google Ad Redirection
So you found yourself responding to an alert about one of your employees downloading a malicious version of Advanced IP Scanner? This has become fairly…
Payouts King ransomware uses QEMU VMs to bypass endpoint security
The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on compromised systems and bypass endpoint…
Hackers Target TP-Link Routers With Mirai Malware in CVE-2023-33538 Exploitation Attempts
A known security flaw in several end-of-life TP-Link Wi-Fi routers is being actively targeted by hackers trying to install Mirai-based botnet malware on vulnerable devices.…
The Shocking Secrets of Madison Square Garden’s Surveillance Machine
Eversole would tell his teams to bust the guys selling knockoff merchandise and “remove scalpers and drug dealers daily, in areas outside and around MSG…
SEO Poisoning Attack Uses Microsoft Binary to Install RMM Tool
New research has exposed a search engine poisoning campaign that delivers a trojanized TestDisk installer, abuses a Microsoft-signed binary for DLL sideloading, and silently deploys…
New RecruitRat, SaferRat, Astrinox, Massiv Android Malware Found Targeting 800 Apps
Cybersecurity Researchers from Zimperium zLabs have shared details on four new Android malware families currently being used in four different campaigns targeting Android banking and…
Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two…
This old-school scam is still working
When we read about this new malware tactic, or that novel social engineering approach, it’s easy to forget that there are scammers out there making…