Humorous Windows Hello: Greeting Your Privacy Goodbye New research finds vulnerabilities that could bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. These flaws, found by researchers at Blackwing Intelligence, are from the fingerprint sensors made by Goodix. Knocking on Windows Hello: An Unexpected Welcome Forget about
Read More
North Korean Threat Actors Masquerade as Job Seekers and Recruiters Two major campaigns, codenamed ‘Contagious Interview’ and ‘Wagemole’, linked with North Korean threat actors Actors pose as job seekers and recruiters to distribute malware and infiltrate organizations Palo Alto Networks Unit 42 issues a warning and details the methodologies of these campaigns Devious Deception: The
Read More
AI Tools Rising Fast, but Many Overlook Serious SaaS Security Risks Main Points Employees surreptitiously use AI tools without undergoing the necessary IT and cybersecurity reviews. This growing trend mirrors the past conundrum with SaaS shadow IT, testing cybersecurity teams’ capabilities. The exceptional growth of platforms like ChatGPT, which garnered 100 million users in just
Read More
Atomic MacOS Attack: ClearFake Causes A Big Bang – The macOS information thief, Atomic, is now being delivered via a fake web browser update chain, known as ClearFake. – This is likely the first incidence of a social engineering campaign, originally for Windows, expanding geolocation and operating system reach. – The insight was given by
Read More
Critical Security Glitch in Citrix NetScaler Nipped in the Bud by Multiple Threat Actors Eminent cybercriminals, including LockBit ransomware affiliates, are capitalizing on an escalating flaw in Citrix NetScaler ADC and Gateway gears to infiltrate target situations. The up-to-the-minute joint directive originates from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), coupled with the Federal
Read More
Play Ransomware Turns Into a Monetary Funhouse for Wannabe Cybercriminals Main points: – “Play” ransomware is now being offered as a service, according to security firm Adlumin. – There’s an unusual lack of variation between attacks which suggests a ransomware-as-service (RaaS) model. – Affiliates who bought the RaaS are believed to be following step-by-step instructions
Read More
The Renaissance of Agent Tesla Malware Main points of interest: – A new variant of Agent Tesla Malware has been detected. – The malware is delivered via a lure file using the ZPAQ compression format. – The malware aims to harvest data from several email clients and nearly 40 web browsers. – Compared to ZIP
Read More
h1: Buckle Up for Phishing 2.0: QR Codes, CAPTCHAs, and Steganography • Cybercriminals are continuously devising avant-garde methods to conn victims and pilfer sensitive information. • Emerging trends in sophisticated phishing attempts involve the use of QR codes, CAPTCHAs, and steganography. • Awareness and learning about these latest techniques are critical for effective detection and
Read More
## Main Points – Kinsing threat actors targeting Apache ActiveMQ servers. – A critical security flaw is being exploited. – Linux systems are being infected with cryptocurrency miners and rootkits. – Bitcoin mining gives Kinsing both a financial gain and causes enormous damage to victims’ infrastructure. You better grab your safety goggles and some popcorn,
Read More
Malicious App Campaign Targets Android Users in India Android smartphone users in India are being targeted by a new malware campaign. Social engineering tactics are used to trick users into downloading fraudulent apps with the potential to siphon sensitive data. Attackers imitate legitimate organizations and distribute their harmful apps via platforms like WhatsApp and Telegram.
Read MoreNo products in the cart.