Recent Security News

  • Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants

    October 12, 2023 at 03:42AM A cyber attack campaign named Stayin’ Alive is targeting government and telecom entities in Asia using basic backdoors and loaders for delivering malware. The campaign’s infrastructure is similar to that used by ToddyCat, a China-linked threat actor known for cyber assaults in Europe and Asia. The attacks start with a…

    Read More

  • Two High-Risk Security Flaws Discovered in Curl Library – New Patches Released

    October 12, 2023 at 01:01AM Patches have been released for two security flaws in the Curl data transfer library. The more severe vulnerability, labeled CVE-2023-38545, allows for code execution and is considered one of the worst security flaws in Curl in a long time. The other vulnerability, CVE-2023-38546, enables cookie injection. Both flaws have been…

    Read More

  • How to Prevent Ransomware as a Service (RaaS) Attacks

    October 11, 2023 at 09:44PM Ransomware as a Service (RaaS) attacks are on the rise, with a significant increase in the number of victim organizations. RaaS operators recruit affiliates to carry out the attacks, split the ransom amounts, and provide sophisticated tools and interfaces. To prevent ransomware attacks, companies should leverage cybersecurity frameworks, use a…

    Read More

  • Chinese ‘Stayin’ Alive’ Attacks Dance onto Targets With Dumb Malware

    October 11, 2023 at 05:23PM Chinese APT group “ToddyCat” is using simple but constantly evolving custom backdoors and loaders to target telecommunications organizations in Central and Southeast Asia. The group, previously linked to Chinese espionage operations, uses spear phishing emails with archive files to exploit a DLL sideloading vulnerability. While the malware used by ToddyCat…

    Read More