New widespread phishing campaign Attacking Users With malware
Phishing campaigns intensified in May 2024, with Poland bearing the brunt of attacks, accounting for 80% of over 26,000 protected users, as Italy and Romania…
Category: CyberSecurityNews
Hackers Abuse TryCloudflare Service To Bypass Detection & Deliver Malware
Cybercriminals increasingly leverage the TryCloudflare Tunnel to deliver Remote Access Trojans (RATs) in financially motivated attacks. TryCloudflare is a tool for developers to experiment with…
Microsoft Edge Vulnerability Let Attackers Execute Arbitrary Code
Microsoft has released a critical security update for its Edge browser to address multiple vulnerabilities, including a severe validation flaw that could allow attackers to…
RBI Mandated Additional Factor Authentication for All Card payments
The Reserve Bank of India (RBI) has proposed a new framework mandating additional factor authentication (AFA) for all digital payment transactions, with some exceptions. This…
Authorities Sentenced Leader of Tech Support Fraud Scheme
Damian Williams, the United States Attorney for the Southern District of New York, announced that Vinoth Ponmaran has been sentenced to seven years in prison…
Security Risk Advisors Announces Launch of VECTR Enterprise Edition
Security Risk Advisors (SRA) announces the launch of VECTR Enterprise Edition, a premium version of its widely-used VECTR platform for purple teams and adversary management…
Bitdefender Vulnerability Let Attackers Trigger SSRF Attacks
A critical security vulnerability has been discovered in Bitdefender’s GravityZone Update Server, potentially exposing organizations to server-side request forgery (SSRF) attacks. The flaw, identified as…
Specula Tool Turns Outlook Into A C2 Server By Leveraging Registry
Specula tool utilizes a Registry to turn Microsoft Outlook Into a C2 Server capable of executing arbitrary commands. Fundamentally, Specula is a C2 framework that…
Weaponized Google Authenticator Via Google Ads Steals Sensitive Data
In recent days, threat actors have leveraged the popular Google Authenticator (a multi-factor authentication program) through Google ads, infecting devices with malware. In this instance,…
New SMS Stealer Infects Millions Of Android Users In 113 Countries
Since February 2022, a highly advanced Android malware campaign has been specifically designed to attack one-time passwords (OTPs), which are used for enterprise security breaches.…
Google Enhances Chrome Security to Prevention Users From Cookie Steal Malware
Google has introduced several measures to address this threat, including Safe Browsing download protection in Chrome, Device Bound Session Credentials, and account-based threat detection systems…
Critical OAuth Vulnerability Exposes 1 Million Sites to XSS Attacks
Security researchers have uncovered a critical vulnerability affecting over one million websites. The vulnerability combines OAuth implementation flaws with cross-site scripting (XSS) attacks. The vulnerability…