admin

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

[ad_1] Feb 29, 2024NewsroomCyber Espionage / Malware A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of…

Read More

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

[ad_1] At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as maintain persistent access to…

Read More

Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors

[ad_1] Feb 28, 2024NewsroomCyber Espionage / Malware An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned…

Read More

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

[ad_1] Feb 28, 2024NewsroomRansomware / Healthcare The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. “Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized,” the government said in an updated advisory. “This…

Read More

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data

[ad_1] Feb 28, 2024The Hacker NewsWebinar / Privacy In today’s digital era, data privacy isn’t just a concern; it’s a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a…

Read More

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

[ad_1] Feb 28, 2024NewsroomPhishing Attack / Malware Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the “threat actor has previously used similar tactics, techniques and procedures (TTPs)…

Read More

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28’s MooBot Threat

[ad_1] Feb 28, 2024NewsroomFirmware Security / Vulnerability In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember. The botnet, named…

Read More

New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

[ad_1] Feb 27, 2024NewsroomSupply Chain Attack / Data Security Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. “It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any…

Read More