Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices, which makes it an attractive target for gaining unauthorized access or spreading malware. Besides this, its open-source nature allows threat actors to study the code and identify new vulnerabilities in it closely. Cybersecurity researchers at Symantec recently identified a new Linux … Read more
ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine, to target infected systems, which extracts text from images, and the malware scans these extracted strings for phrases related to passwords or cryptocurrency wallets. If a match is found, the malware exfiltrates the corresponding image by building upon existing functionalities like … Read more
%20(1)%20(1).webp "Santander Data Breach: Hackers Accessed Company Database")
Santander has confirmed that there was a major data breach that affected its workers and customers in Spain, Uruguay, and Chile. Concerns have been made about data security and privacy following the breach, which was found to have started with someone breaking into a database hosted by a third-party provider. Immediate Response and Containment Measures … Read more
.webp "U.S. Govt Announces Rewards up to Million for North Korean IT Workers")
The U.S. government has offered a prize of up to $5 million for information that leads to the arrest and severance of North Korean IT workers working around the world. This plan, which was announced on Thursday, is meant to stop these workers from doing illegal things that are thought to be making the North … Read more
Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated cybercriminals to achieve its strategic goals, as APT groups conduct espionage to gather valuable political and economic information. The Russian government may recruit financially motivated groups, despite their apparent independence, for malicious operations, resulting in a complex threat landscape where the … Read more
Since mid-April 2024, Microsoft Threat Intelligence has observed the threat actor Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks. Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware. The observed activity begins with impersonation through voice phishing (vishing), followed by delivery of malicious tools, … Read more
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Ones to Watch winners selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers … Read more
Researchers discovered four significant vulnerabilities in the ThroughTek Kalay Platform, which powers 100 million IoT-enabled devices. Notably, ThroughTek Kalay’s influence emphasizes the importance of protecting homes, companies, and integrators alike with its widespread presence in security cameras and other devices. The affected cameras are the Roku Indoor Camera SE, Wyze Cam v3, and Owlet Cam … Read more
Meeting the demands of the modern-day SMB is one of the challenges facing many business leaders and IT operators today. Traditional, office-based infrastructure was fine up until the point where greater capacity was needed than those servers could deliver, vendor support became an issue, or the needs of a hybrid workforce weren’t being met. Related: … Read more
Today, Cato Networks announces a strategic partnership with e& (etisalat and) during International Telecoms Week (ITW) in the United States, a significant move that will see the establishment of a new Point-of-Presence (PoP) within the global technology group’s SmartHub data center in Fujairah. As one of the United Arab Emirates’ premier carrier-neutral data facilities, e&’s … Read more
Over the past year, a significant portion of global organisations (54%) experienced software supply chain attacks, with many struggling to adapt to the escalating risk environment. These findings stem from ‘The State of Software Supply Chain Security Risk’ report, released today by Synopsys in collaboration with the Ponemon Institute. The report highlights that half of … Read more
Advanced Cyber Defence Systems (ACDS) has today joined the US Cybersecurity & Infrastructure Security Agency’s (CISA) and UK National Cyber Security Centre’s (NCSC) Secure by Design pledge, becoming one of the first 100 companies, alongside AWS, Microsoft, Google, Cisco, and IBM, to commit to enhancing product security within a year. The pledge, focused on enterprise … Read more