Recent Security News
-
New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
February 20, 2024 at 06:27AM
North Korean-sponsored threat actors are conducting cyber espionage targeting the defense sector worldwide. The Lazarus Group is blamed for using social engineering to infiltrate the defense sector through a long-standing operation called Dream Job. Another incident involved an intrusion into a defense research center, executed by a North Korea-based threat…
-
Critical Flaws Found in ConnectWise ScreenConnect Software – Patch Now
February 20, 2024 at 06:27AM
ConnectWise released software updates to fix critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could enable remote code execution and impact confidential data or critical systems. Users of affected versions are urged to update to version 23.9.8 to mitigate the risk of exploitation. Key Takeaways…
-
Insider steals 79,000 email addresses at work to promote own business
February 20, 2024 at 06:12AM
A former council staff member in Stratford-on-Avon District breached databases, stealing 79,000 email addresses to promote a personal business. No financial or personal information was compromised. The council issued apologies and confirmed internal controls were not at fault. The perpetrator was referred to police and received an official caution, and the data was deleted. Information Commissioner’s Office opted not…
-
Earth Preta Campaign Uses DOPLUGS to Target Asia
February 20, 2024 at 04:37AM
Summary: Earth Preta’s APT campaign, employing a customized PlugX malware named DOPLUGS, targeted Asian countries, including Taiwan and Vietnam. Phishing emails embedded with Google Drive links were used as initial access, executing DOPLUGS malware. The DOPLUGS variant was found to integrate the KillSomeOne module for malware distribution and USB infection.…
-
WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
February 20, 2024 at 04:33AM
A critical security flaw in the Bricks theme for WordPress, tracked as CVE-2024-25600, allows unauthenticated attackers to remotely execute PHP code on susceptible installations. The flaw was addressed in version 1.9.6.1 on February 13, 2024, following Snicco’s report. Exploitation attempts have been detected, and users are advised to apply the…