Massive 400,000 proxy botnet built with stealthy malware infections
Researchers have uncovered a massive campaign that delivered proxy server apps to at least 400,000 Windows systems. The devices act as residential exit nodes without users’…
Category: Bleeping Computer
AI and security standards keynotes at mWISE
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It’s taking place September 18–20, 2023 in Washington, DC. mWISE conference organizers…
Major U.S. energy org targeted in QR code phishing attack
A phishing campaign was observed predominantly targeting a notable energy company in the US, employing QR codes to slip malicious emails into inboxes and bypass…
Ivanti Avalanche impacted by critical pre-auth stack buffer overflows
Two stack-based buffer overflows collectively tracked as CVE-2023-32560 impact Ivanti Avalanche, an enterprise mobility management (EMM) solution designed to manage, monitor, and secure a wide…
LinkedIn accounts hacked in widespread hijacking campaign
LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons or ultimately hijacked by attackers.…
Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign
A threat actor has compromised close to 2,000 thousand Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519.…
Raccoon Stealer malware returns with new stealthier version
Image: Midjourney The developers of Raccoon Stealer information-stealing malware have ended their 6-month hiatus from hacker forums to promote a new 2.3.0 version of the…
Back to school security against ransomware attacks on K-12 and colleges
A ransomware attack on an educational institution causes more than just class disruption. It can result in lost teaching hours, financial strain, and compromised personal…
New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices
Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting…
Discord.io confirms breach after hacker steals data of 760K users
The Discord.io custom invite service has temporarily shut down after suffering a data breach exposing the information of 760,000 members. Discord.io is not an official…
Threat actors use beta apps to bypass mobile app store security
The FBI is warning of a new tactic used by cybercriminals where they promote malicious “beta” versions of cryptocurrency investment apps on popular mobile app…
Over 100K hacking forums accounts exposed by info-stealing malware
Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers say. Analyzing the data, threat…