Xynik October 17, 2023 at 04:49PM More than 10,000 Cisco IOS XE devices have been compromised and infected with malicious implants through a zero-day bug. The vulnerability has been exploited in attacks on devices running Cisco IOS XE software with the Web User Interface feature and HTTP/HTTPS Server feature enabled. Security company VulnCheck has released a … Read more
October 17, 2023 at 03:52PM A malvertising campaign targeting users searching for the Notepad++ text editor has gone undetected for months. The campaign uses misleading titles in Google search result ads, leading users to a decoy site or a malicious website that serves a payload, likely Cobalt Strike. To avoid downloading malware, avoid clicking on … Read more
October 17, 2023 at 03:34PM The US Treasury Department and the Cyber Security Council of the United Arab Emirates have agreed to share more information on cybersecurity threats and incidents in the financial services industry. The partnership aims to improve cybersecurity through information sharing, staff training, study visits, and competency-building activities. This collaboration follows a … Read more
October 17, 2023 at 03:19PM Thousands of Internet exposed Cisco IOS XE devices have been infected by a threat actor exploiting an unpatched vulnerability. Cisco has disclosed the flaw, which allows arbitrary code execution, with a severity rating of 10 out of 10. The attacks have a global footprint and the compromised systems all have … Read more
October 17, 2023 at 03:09PM Amazon has introduced passkey support as a passwordless login option to enhance security for customers. Passkeys are digital credentials that use biometric controls or PINs linked to devices for logging into websites. They mitigate the risk of data breaches, compromised accounts, phishing attacks, and information-stealing malware. Passkeys also simplify the … Read more
October 17, 2023 at 02:55PM Networking equipment manufacturer D-Link confirmed a data breach in which customer and employee information, including the CEO’s details, were stolen and put up for sale. The attacker claims to have also taken source code for D-Link’s software. The company shut down affected servers, disabled user accounts, and clarified that only … Read more
October 17, 2023 at 01:11PM Attackers have been using proprietary blockchain technology to conceal malicious code in a campaign involving fake browser updates. The campaign, called ClearFake, tricks users into downloading fake browser updates from compromised WordPress sites. The attackers use a technique called “EtherHiding” to host malicious code on Binance Smart Chain contracts, making … Read more
October 17, 2023 at 12:49PM Threat actors are disguising malware as fake browser updates and spreading it through vulnerable websites. This tactic has been adopted by multiple threat clusters, including TA569. The malicious code is injected into legitimate websites and presents users with convincing browser update notifications. When users click “Update,” they unknowingly download malware. … Read more
October 17, 2023 at 12:30PM New York-based startup Prove Identity, formerly known as Payfone, has raised $40 million in funding led by MassMutual Ventures and Capital One Ventures. The company provides identity verification and authentication technology to banks, retailers, and healthcare institutions, claiming impressive results such as faster onboarding and a reduction in fraud. Prove … Read more
October 17, 2023 at 12:15PM Nation-state hacking groups are using Discord’s content delivery network (CDN) to target critical infrastructure. While Discord is currently mainly used by information stealers, a cybersecurity firm has found evidence of an artifact targeting Ukrainian critical infrastructure, indicating a potential emergence of APT malware campaigns on the platform. This introduces a … Read more