Recent Security News
-
D-Link confirms data breach after employee phishing attack
October 17, 2023 at 02:55PM Networking equipment manufacturer D-Link confirmed a data breach in which customer and employee information, including the CEO’s details, were stolen and put up for sale. The attacker claims to have also taken source code for D-Link’s software. The company shut down affected servers, disabled user accounts, and clarified that only…
-
‘Etherhiding’ Blockchain Technique Hides Malicious Code in WordPress Sites
October 17, 2023 at 01:11PM Attackers have been using proprietary blockchain technology to conceal malicious code in a campaign involving fake browser updates. The campaign, called ClearFake, tricks users into downloading fake browser updates from compromised WordPress sites. The attackers use a technique called “EtherHiding” to host malicious code on Binance Smart Chain contracts, making…
-
Watch Out: Attackers Are Hiding Malware in ‘Browser Updates’
October 17, 2023 at 12:49PM Threat actors are disguising malware as fake browser updates and spreading it through vulnerable websites. This tactic has been adopted by multiple threat clusters, including TA569. The malicious code is injected into legitimate websites and presents users with convincing browser update notifications. When users click “Update,” they unknowingly download malware.…
-
Prove Identity Snags $40M Funding for ID Verification Tech
October 17, 2023 at 12:30PM New York-based startup Prove Identity, formerly known as Payfone, has raised $40 million in funding led by MassMutual Ventures and Capital One Ventures. The company provides identity verification and authentication technology to banks, retailers, and healthcare institutions, claiming impressive results such as faster onboarding and a reduction in fraud. Prove…
-
Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure
October 17, 2023 at 12:15PM Nation-state hacking groups are using Discord’s content delivery network (CDN) to target critical infrastructure. While Discord is currently mainly used by information stealers, a cybersecurity firm has found evidence of an artifact targeting Ukrainian critical infrastructure, indicating a potential emergence of APT malware campaigns on the platform. This introduces a…