2024-12-13 • Medium Louis.o.schuermann • Louis Schürmann • js.magecart
2024-12-15 • Malwarebytes • Jérôme Segura • js.fakeupdates
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South...
Detection engineering rabbit holes — parsing ASN.1 packets in KQL. TL;DR: Detection engineering is sometimes hard. Your efforts may seem to have failed, but perseverance can pay off. Or you can...
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not...
2024-12-12 • Kaspersky • Georgy Kucherin & Marc Rivero López • win.careto
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) have jointly released a...
2024-12-13 • Securite360.net • Muffin • win.quickheal
2024-12-14 • Axel's IT Security Research • Axel Mahr • win.xenorat
Wiz Threat Research investigates misconfigurations in Spring Boot Actuator’s endpoints that can leak environment variables, passwords, and API keys, and even lead to remote code execution.
Large-scale campaign identified by Guardio Labs and Infoblox, exploiting malvertising and fake captchas to distribute Lumma infostealer for massive theft
In this blog, we will explore the extent to which the legislative and technical evolutions of the RuNet have impacted the Russian-speaking...
This is an in-depth LogRhythm vs SolarWinds SIEM tool comparison, covering their key features, pricing, and more. Use this guide to find your best fit.
Find out the key security risks of firmware security: Identify threats, and learn best practices and protection methods…
Healthcare software as a service (SaaS) company Phreesia is notifying over 910,000 people that their personal and health data was exposed in a May breach of its subsidiary ConnectOnCall. [...]
In early October, Bellingcat’s Tech team organised its second ever in-person hackathon, this time in Naryn, Kyrgyzstan with the theme “Visualising Nature’s Stories”. This student-only hackathon,...
The Serbian authorities have been using advanced mobile forensics products made by Israeli firm Cellebrite to extract data from mobile devices illegally
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian...
Cybercriminals are targeting YouTube creators with sophisticated phishing attacks disguised as brand collaborations. Learn how to identify these scams, protect your data, and safeguard your online presence
Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems. [...]
New research from Cyfirma identified that the U.K. faces an escalating cyber threat landscape dominated by sophisticated Russian...
New Ofcom guidance is designed to help tech companies comply with their obligations around tackling illegal online harms under the Online Safety Act
Staffers at the Cybersecurity and Infrastructure Security Agency tell WIRED they fear the new administration will cut programs that keep the US safe—and “persecution.”
The comprehensive report showed how Serbian law enforcement combined Cellebrite’s tech with a novel Android-focused spyware program.
Digital license plates sold by Reviver, already legal to buy in some states and drive with nationwide, can be hacked by their owners to evade traffic regulations or even law enforcement surveillance.
Over 200,000 YouTube creators have been targeted by malware-laden phishing emails with the aim of infecting their followers
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors. [...]
A view of the H2 2024 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Ukrainian officials say Russian intelligence is using video games to trick children into helping the enemy
This Remote Access Checklist, created by Scott Matteson for TechRepublic Premium, should be used to ensure all employees have the requisite items, accounts, access, and instructions needed for...