A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]

A new campaign dubbed 'SparkCat' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]

Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek's Artificial Intelligence (AI) platform, citing security risks. "Government agencies and...

The following is the information on Yara and Snort rules (week 1, February 2025) collected and shared by the AhnLab TIP service. 14 YARA Rules Detection name Description Source PK_Ameli_sunrise22...

If you want additional ransomware protection on your machine, you should use one that offers thorough scans, a user-friendly interface, and compatibility with your preferred operating system.

DaggerFly’s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks

A security vulnerability has been disclosed in AMD's Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw,...

A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations

Picus Security reports infostealer surge after revealing credentials appear in 29% of malware

In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals exploit Facebook Messenger chatbots to execute social engineering attacks, deceiving users into falling victim to scams and...

Have you ever wished you had an assistant at your security operations centers (SOCs) — especially one who never calls in sick, has a bad day or takes a long lunch? Your wish may come true soon....

Left unchecked, AI's energy and carbon footprint could become a significant concern. Can our AI systems be far less energy-hungry without sacrificing performance?

Shortly after the critical zero-click OLE vulnerability in Microsoft Outlook (CVE-2025-21298), yet another dangerous security threat has come to light. A recently patched privilege escalation...

2025-02-03 • SentinelOne • Phil Stokes, Tom Hegel • osx.friendlyferret, osx.frostyferret Open article on Malpedia

Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to...

Learn how to protect yourself and your sensitive information from phishing attacks by implementing multi-factor authentication.

Austin, TX, USA, 4th February 2025, CyberNewsWire

A recent whitepaper published by Palo Alto Networks and Siemens revealed that the exploitation of remote services is... The post Palo Alto-Siemens whitepaper flags critical OT vulnerabilities; as...

A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...]

N. Korean ‘FlexibleFerret’ malware targets macOS with fake Zoom apps, job scams, and bug report comments, deceiving users…

2025-02-03 • TEHTRIS • Lefebvre Fabien, Pezier Pierre-Henri • win.satacom Open article on Malpedia

Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets

Stored XSS (Cross-site Scripting) vulnerability has been found in authentik software.

Netgear has fixed two critical remote code execution and authentication bypass vulnerabilities affecting multiple WiFi routers and warned customers to update their devices to the latest firmware...

Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals

Atomic Stealer, Poseidon Stealer and Cthulhu Stealer target macOS. We discuss their various properties and examine leverage of the AppleScript framework. The post Stealers on the Rise: A Closer...

Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers. The post Here’s all the ways an abandoned cloud instance can cause security...

Thousands of people have begun returning to their abandoned homes in northern Gaza after Israeli forces opened the Netzarim corridor, which separates the northern and southern parts of the...

Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges...

Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is...