Recent Security News
-
There is a Ransomware Armageddon Coming for Us All
January 11, 2024 at 09:00AM The article highlights the growing threat of phishing-driven ransomware, with the rise of Generative Artificial Intelligence (GenAI) making it more difficult to detect and defend against phishing attacks. To counter this, companies are advised to upgrade to next-generation multi-factor authentication (MFA) solutions, such as Token Ring, to protect against sophisticated…
-
Atomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted Payload
January 11, 2024 at 09:00AM Cybersecurity researchers have found an enhanced version of the macOS information stealer, Atomic (AMOS), with updated capabilities, including payload encryption to bypass detection rules. Its cost has risen to $3,000/month with a festive promotion. Malvertising campaigns impersonating Slack and TradingView are used to distribute the malware. Caution is advised when…
-
Mandiant’s X Account Was Hacked Using Brute-Force Attack
January 11, 2024 at 04:01AM Mandiant’s X account was compromised by a brute-force attack, enabling the intruder to spread a cryptocurrency drainer called CLINKSINK. The attack targeted Solana cryptocurrency users and utilized phishing pages to redirect victims to approve fraudulent transactions. This incident reflects a growing trend of financially motivated threat actors targeting cryptocurrency assets…
-
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
January 11, 2024 at 04:01AM A pair of zero-day flaws in Ivanti Connect Secure (ICS) and Policy Secure have been exploited by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity identified the activity and attributed it to a hacking group it tracks under the name UTA0178. Patches are expected to…
-
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
January 11, 2024 at 04:01AM Cisco has issued software updates to address a critical security flaw (CVE-2024-20272 – CVSS score: 7.3) in Unity Connection, allowing arbitrary file upload and execution of commands. Users are advised to update to patched versions to mitigate potential threats. Additionally, 11 medium-severity vulnerabilities have been resolved across Cisco software. Cisco…