November 13, 2023 at 08:05PM Google has filed a lawsuit against three scammers for falsely offering a download of the company’s Bard AI chatbot that contained malware to steal credentials for small business’ social media accounts. The defendants are accused of targeting small businesses and advertiser accounts to steal financial information. Google is seeking an … Read more
November 10, 2023 at 12:45AM A watering hole attack has targeted Urdu-speaking readers in the Gilgit-Baltistan region via the Hunza News website. The attack delivers a new spyware called Kamran, which is disguised as an Android app. The malware collects sensitive information from infected devices and uploads it to a command-and-control server. Kamran lacks remote … Read more
November 9, 2023 at 09:42AM Malicious Python packages posing as obfuscators are being used to target developers, according to cybersecurity firm Checkmarx. These packages deploy a payload called ‘BlazeStealer’, which allows the attackers to control infected systems and spy on victims. The malware can steal system information, passwords, files, capture screenshots, and even control the … Read more
October 24, 2023 at 03:55PM Russian state and industrial organizations have been targeted in a cyber attack using a custom Go-based backdoor. Kaspersky detected the campaign in June 2023 and later found a newer version of the backdoor, indicating ongoing optimization by the attackers. The threat actors behind the attack are unknown, but Kaspersky has … Read more
October 18, 2023 at 03:07PM Researchers found that out of over 1.8 million admin portals, 40,000 had “admin” as the password, making it the most popular password among IT administrators. The study also revealed an increase in the use of default passwords. The top 10 passwords included common defaults and easy-to-guess options. This highlights the … Read more
October 13, 2023 at 01:47PM Cyberattackers are using the ShellBot malware to target Linux SSH servers. They are now using hexadecimal IP addresses to evade detection. This new method allows them to hide their activity from behavior-based detection systems. ShellBot is a well-known botnet that compromises servers with weak SSH credentials and can be used … Read more