The India-linked threat actor tracked as Patchwork was observed employing a new variant of the BADNEWS backdoor in a recent campaign, but the hackers also infected one of their own computers, giving researchers a glimpse into their operations.
The aggressive Zloader banking malware campaign is exploiting Microsoft’s digital signature verification method to inject code into a signed system DLL, according to researchers at Check Point.
VMware this week shipped security updates for its Workstation, Fusion and ESXi product lines, warning that a heap-overflow vulnerability could expose users to code execution attacks.
With eyes firmly set on the booming attack surface management space, threat intel powerhouse Recorded Future is shelling out $65 million to purchase SecurityTrails, a startup that helps organizations keep track of internet-facing assets.
U.S. government agencies and cybersecurity companies are warning users and organizations about cybercriminals abusing Google services to achieve their goals.
FBI warns about Google Voice abuse
Threat hunters in the U.K.’s National Health Service have raised an alarm for an unknown threat actor hitting vulnerable VMWare Horizon servers with exploits for the ubiquitous Log4j security flaw.
Amnesty International said Thursday it has independently confirmed that powerful spyware from the Israeli surveillance software maker NSO Group was used to hack a Polish senator multiple times in 2019 when he was running the opposition’s parliamentary election campaign.
A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate user-education campaigns are actually making things much worse.
Microsoft has quietly started notifying some Azure customers that a serious security vulnerability in the Azure App Service has caused the exposure of hundreds of source code repositories.
French video game company Ubisoft this week confirmed that ‘Just Dance’ user data was compromised in a recent cybersecurity incident.
The data breach was the result of a misconfiguration that has since been corrected, but not before player data was accessed and potentially copied by a third party.
Impostazioni privacy
Questo sito utilizza i cookie per migliorare la tua esperienza di navigazione su questo sito.
