Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make it a highly effective and low-cost attack method.  Phishing attacks can be easily scaled to target a large number of individuals, increasing the likelihood of success. Recently, cybersecurity analysts at Abnormal Security discovered that hackers are actively exploiting DocuSign with customizable … Read more

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that Secure Socket Layer/Transport Layer Security (SSL/TLS) based VPN solutions, like SSLVPN and WebVPN, should be replaced with safer options. Bad people are still taking advantage of flaws in these VPN services, which is why this suggestion was made. ANYRUN malware sandbox’s … Read more

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target for gaining unauthorized access or spreading malware.  Besides this, its open-source nature allows threat actors to study the code and identify new vulnerabilities in it closely. Cybersecurity researchers at Symantec recently identified a new Linux … Read more

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts text from images, and the malware scans these extracted strings for phrases related to passwords or cryptocurrency wallets.  If a match is found, the malware exfiltrates the corresponding image by building upon existing functionalities like … Read more

Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and Chile. Concerns have been made about data security and privacy following the breach, which was found to have started with someone breaking into a database hosted by a third-party provider. Immediate Response and Containment Measures … Read more

The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and severance of North Korean IT workers working around the world. This plan, which was announced on Thursday, is meant to stop these workers from doing illegal things that are thought to be making the North … Read more

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals, as APT groups conduct espionage to gather valuable political and economic information.  The Russian government may recruit financially motivated groups, despite their apparent independence, for malicious operations, resulting in a complex threat landscape where the … Read more

Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million IoT-enabled devices. Notably, ThroughTek Kalay’s influence emphasizes the importance of protecting homes, companies, and integrators alike with its widespread presence in security cameras and other devices. The affected cameras are the Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam … Read more

The App Store will close over 370 million developer and customer accounts in 2023. Apple takes this move to fight fraud and provide a safe and dependable platform for consumers and developers. Apple has led app distribution since 2008, setting industry standards for security, stability, and user experience. Apple has boosted its antifraud efforts to … Read more

VirusTotal has announced a major change to its Crowdsourced AI project: it has added a new AI model that can examine strange macros in Microsoft Office files. This model, created by Dr. Ran Dubin from Ariel University and the ByteDefend Cyber Lab, is meant to help the platform find and analyze possible threats in Word, … Read more

Multiple security flaws affecting VMware Workstation and Fusion have been addressed by upgrades published by VMware. If these vulnerabilities are successfully exploited, attackers may be able to obtain privileged data from the device, execute arbitrary code, and cause a denial of service. VMware issued patches and workarounds to address these vulnerabilities tracked as (CVE-2024-22267, CVE-2024-22268, … Read more

Nissan says that the personal information of more than 53,000 workers has been stolen. The huge automaker is now taking proactive steps to help those who have been affected and limit the damage that could occur from the stolen data. Detail of the Breach Nissan just recently said that private employee information was stolen and … Read more