Beware of Fake LastPass App that Steal Personal Information
Customers of LastPass have been alerted of a fraudulent app on the Apple App Store that poses as the legitimate LastPass app in an attempt to…
Category: CyberSecurityNews
Chinese Hackers Remain Undetected in US Infrastructure
Volt Typhoon, the PRC state-sponsored threat actor, has been discovered to be compromising U.S. critical infrastructure for future crises in case of a conflict with…
Ransomware Payments Hitting Record High, Exceed $1 Billion
Chainalysis, a leading blockchain analysis firm, has recently released a report on ransomware payments revealing that they have skyrocketed to a whopping $1 billion in…
ANY.RUN Sandbox Now Analyzes Complex Linux Malware
The ANY.RUN sandbox has recently undergone an update to include support for Linux, strengthening its capacity to offer a safe and isolated atmosphere for examining…
Spyware Vendors Behind 50% 0-day Exploits: Google Said
Spyware is a crucial tool for the surveillance and data collection of high-risk individuals. The functionalities of spyware have undergone significant advancements and have become…
Linux Shim Bootloader Flaw Expose Most Linux Distros to Attacks
Shim is a small application used by open-source projects and other third parties for verifying and running the bootloader (typically GRUB2). The application was developed…
Chinese Hackers Exploited Fortinet zero-day Flaw to hack networks
Chinese state-sponsored hackers exploited a zero-day vulnerability (CVE-2022-42475) in Fortinet’s virtual private network to gain unauthorized access to the Dutch defense networks. The hackers then…
Two New FortiSIEM Max-severity Flaw Execute Remote Code
FortiSIEM has been discovered with multiple OS command injection vulnerabilities, which could allow an unauthenticated remote threat actor to execute unauthorized commands on FortiSIEM via…
Google’s open-source bazel Flaw Attackers insert malicious code
Bazel, an open-source software used for automation of building and testing, has been discovered with a critical supply chain vulnerability that could allow a threat…
Hackers Stolen 2M+ User’s Data Via XSS & SQL Injection Attacks
A large-scale cyber attack was launched to steal and market confidential user information, focusing mainly on the APAC region’s employment agencies and retail firms. A…
Hackers Selling AnyDesk Users’ Login Credentials
A recent security breach has exposed AnyDesk’s customer’s credentials, putting their accounts and devices at risk. On February 3, 2024, Resecurity discovered several threat actors…
Hackers Abuse Google Search Ads to Attack IT & System Admins
The Nitrogen campaign has been identified as the latest threat vector for malware delivery via malicious search ads. While the tactic of hackers using malicious…