- Cracking the Code: How Banshee Stealer Targets macOS Users
January 9, 2025
Since September, Check Point Research (CPR) has been monitoring a new version of the Banshee macOS Stealer, a malware that steals browser credentials, cryptocurrency wallets, and other sensitive data. Undetected for over two months, Banshee’s latest version introduced string encryption taken from Apple’s XProtect, likely causing antivirus detection systems to overlook the malware. Threat actors distributed ...
- Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
January 9, 2025
In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments. In this blog entry, Trend Micro researchers discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) ...
- Google Chrome AI extensions deliver info-stealing malware in broad attack
January 9, 2025
Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate updates. Analyzed by researchers at Extension Total, the cybercriminal campaign has managed to take over the ...
- Active Exploitation of Zero-Day Vulnerability in Ivanti Connect Secure
January 9, 2025
CVE-2025-0282 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 9.0. If exploited, a remote unauthenticated attacker could execute arbitrary code (ACE). CVE-2025-0283 is a ‘stack-based buffer overflow’ vulnerability with a CVSSv3 score of 7.0. If exploited, a local authenticated attacker could escalate their privileges. Affected organisations must review the Ivanti Security Advisory and ...
- Japan links Chinese hacker MirrorFace to dozens of cyberattacks targeting security and tech data
January 8, 2025
Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures. MirrorFace sent emails with attachments containing malware to targeted organizations and individuals to view ...
- Enhancing Botnet Detection with AI using LLMs and Similarity Search
January 8, 2025
As botnets continue to evolve, so do the techniques required to detect them. While Transport Layer Security (TLS) encryption is widely adopted for secure communications, botnets leverage TLS to obscure command-and-control (C2) traffic. These malicious actors often have identifiable characteristics embedded within their TLS certificates, opening a potential pathway for advanced detection techniques. In first-of-its-kind research, ...
- Multiple Vulnerabilities in SonicOS
January 8, 2025
SonicWall has released a security advisory to address three high severity vulnerabilities and one medium severity vulnerability in SonicOS. SonicWall appliances are security appliances that provide virtual private network (VPN) and ‘next-gen’ firewall capabilities. Read more… Source: NHS Digital Sign up for our Newsletter Related:
- AI-supported spear phishing fools more than 50% of targets
January 7, 2025
One of the first things everyone predicted when artificial intelligence (AI) became more commonplace was that it would assist cybercriminals in making their phishing campaigns more effective. Now, researchers have conducted a scientific study into the effectiveness of AI supported spear phishing, and the results line up with everyone’s expectations: AI is making it easier to ...
- US state sues T-Mobile over 2021 data breach which leaked data of millions
January 7, 2025
As part of Washington’s lawsuit, the state claims T-Mobile failed to ‘adequately secure sensitive personal information of more than 2 million Washingtonians’. This failure, the state claims, left those consumers vulnerable to fraud and identity theft. The suit claims that the breach was ‘entirely avoidable’ and explains T-Mobile had years to fix key vulnerabilities in its ...
- Cybertruck driver used ChatGPT to plan Las Vegas attack
January 7, 2025
Police found a six-page manifesto on Matthew Livelsberger’s phone and said he used ChatGPT to plan his New Year’s Day bombing at the Trump International Hotel in Las Vegas, Sheriff Kevin McMahill said at a news conference Tuesday. A few of the entries posted in the application included “How much Tannerite is equivalent to 1 pound ...