Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa
By:
Jan 18, 2023Ravie LakshmananCyber Threat / Malware
An ongoing campaign dubbed Earth Bogle is leveraging geopolitical-themed lures to deliver the NjRAT remote access trojan to victims across the Middle...
Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware
By:
Jan 17, 2023Ravie LakshmananThreat Response / Malware
New research has found that it is possible for threat actors to abuse a legitimate feature in GitHub Codespaces to deliver malware...
New Backdoor Created Using Leaked CIA’s Hive Malware Discovered in the Wild
By:
Jan 16, 2023Ravie LakshmananThreat Landscape / Malware
Unidentified threat actors have deployed a new backdoor that borrows its features from the U.S. Central Intelligence Agency (CIA)'s Hive multi-platform malware...
Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident
By:
Jan 14, 2023Ravie LakshmananDevOps / Data Security
DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee's laptop and leveraged malware to steal their two-factor authentication-backed...
Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
By:
Jan 14, 2023Ravie LakshmananServer Security / Patch Management
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under...
Beware: Tainted VPNs Being Used to Spread EyeSpy Surveillanceware
By:
Jan 13, 2023Ravie LakshmananVPN / Surveillanceware
Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign that started in...
Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System
By:
Jan 12, 2023Ravie LakshmananData Security / Privacy
Twitter on Wednesday said that its investigation found "no evidence" that users' data sold online was obtained by exploiting any security vulnerabilities...
IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours
By:
Jan 12, 2023Ravie LakshmananActive Directory / Malware
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24...
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
By:
Jan 06, 2023Ravie LakshmananCloud Security / Cyber Threat
Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach.
The security...
Mitigate the LastPass Attack Surface in Your Environment with this Free Tool
By:
Jan 05, 2023The Hacker NewsPassword Management / IT Breach
The latest breach announced by LastPass is a major cause for concern to security stakeholders. As often occurs, we are...
