MuddyWater Hackers Abusing RMM Tool to Deliver Malware
The Iranian state-sponsored threat actor MuddyWater has been observed exploiting a legitimate remote monitoring and management (RMM) tool, Atera Agent, to conduct a sophisticated malware…
Category: CyberSecurityNews
Hackers Actively Exploiting WP Automatic Updates Plugin Flaw
Hackers often target WordPress plugins as they have security loopholes that they can exploit to hack into sites without permission. Once they have found them,…
PoC Exploit Released For Critical Flowmon Vulnerability
Progress addressed a critical vulnerability last week, which was associated with an unauthenticated Command injection on the Progress Flowmon product. This vulnerability was assigned CVE-2024-2189,…
Hackers Exploit Google Ads to Spread IP Scanner with Concealed Backdoor
Malicious actors are distributing a new backdoor, MadMxShell, through a Google Ads campaign that impersonates an IP scanner. This Windows backdoor leverages DNS MX queries…
Founders of Crypto Service Arrested for Money Laundering
Rodriguez and Hill, founders of the cryptocurrency mixing service Samourai, have been arrested for operating an unlicensed money-transmitting business and facilitating large-scale money laundering activities.…
PlugX USB worm Infected Over 2.5M Devices
A new menace has emerged, affecting millions of devices worldwide. The PlugX USB worm, a sophisticated malware, has been reported to have infected over 2.5…
GitLab high-severity Flaw Let Attackers Takeover Account
GitLab released security patches 16.11.1, 16.10.4, and 16.9.6 for both Community and Enterprise Editions, and upgrading to these versions is strongly recommended to address vulnerabilities. …
Hackers Employ Black Hat SEO Techniques To Deliver Malware
Hackers use black hat SEO methods to manipulate search engine rankings and make malicious or fraudulent websites more visible. Recently, Zscaler cybersecurity researchers have seen…
ArcaneDoor Exploiting Cisco Zero-Days To Attack Govt Networks
Hackers target Cisco zero-days as they can abuse the widely used networking equipment that contains vulnerabilities which means they can affect many systems and networks…
New Qiulong Ransomware Well-Equiped To Make Waves
The Qiulong ransomware gang, a new cyber threat actor, has emerged targeting Brazilian victims as the group announced their arrival by compromising Dr. Lincoln Graca…
KnowBe4 to Acquire Egress for Aids in Email Awareness Training
KnowBe4, the leader in security awareness training and simulated phishing platforms, has announced its definitive agreement to acquire Egress, a pioneer in adaptive and integrated…
Google Meet Allows Non-Google Account to Join Encrypted Calls
Google has announced that external participants without Google accounts can join client-side encrypted Google Meet calls. This move marks a substantial step in balancing user…