Recent Security News

  • Most Sophisticated iPhone Hack Ever Exploited Apple’s Hidden Hardware Feature

    December 28, 2023 at 06:42AM The Operation Triangulation spyware targeting Apple iOS devices utilized unprecedented exploits to bypass hardware-based security. The sophisticated attack, active since 2019, used four zero-day flaws to gain access to iOS devices and gather sensitive information. Patches were released by Apple, with 20 zero-days resolved this year. A particular vulnerability, CVE-2023-38606,…

    Read More

  • Blockchain dev’s wallet emptied in “job interview” using npm package

    December 28, 2023 at 06:26AM Blockchain developer Murat Çeliktepe was targeted by a LinkedIn recruiter for a web development job. As part of the interview, he was asked to debug npm packages from a GitHub repository, leading to his MetaMask wallet being drained of over $500. This scam has also targeted other developers, highlighting the…

    Read More

  • Barracuda Zero-Day Used to Target Government, Tech Organizations in US, APJ

    December 28, 2023 at 06:00AM Mandiant disclosed zero-day attacks targeting Barracuda Email Security Gateway (ESG) appliances, exploiting CVE-2023-7102 to execute malicious code in Excel email attachments. The China-linked threat actor UNC4841 used this vulnerability to target government, IT, and high-tech organizations. Barracuda promptly deployed updates and urged customers to follow the recommended guidance. UNC4841 has…

    Read More

  • New Rugmi Malware Loader Surges with Hundreds of Daily Detections

    December 28, 2023 at 01:54AM A new malware loader, Win/TrojanDownloader.Rugmi, is being used to distribute various information stealers like Lumma Stealer, Vidar, and RecordBreaker. ESET reports a spike in Rugmi loader detections in late 2023. Stealer malware, like Lumma, is sold as a service, utilizing various distribution methods including leveraging Discord’s content delivery network. McAfee…

    Read More

  • Ohio Lottery hit by cyberattack claimed by DragonForce ransomware

    December 27, 2023 at 05:17PM The Ohio Lottery experienced a cyberattack on Christmas Eve, disrupting some internal applications. Services are being restored, but mobile cashing above $599 and some winning numbers are unavailable. The lottery advises customers to check numbers at retailers, and smaller prizes can be cashed at retailers, while larger prizes require mailing…

    Read More