One Step Ahead in Cyber Hide-and-Seek: Automating Malicious Infrastructure Discovery With Graph Neural Networks

When launching and persisting attacks at scale, threat actors can inadvertently leave behind traces of information. They often reuse, rotate and share portions of their infrastructure when automating their campaign’s setup before launching an attack. Defenders can leverage this behavior Read More …

Analyzing CVE-2024-44243, a macOS System Integrity Protection bypass through kernel extensions

Microsoft Threat Intelligence discovered a new macOS vulnerability that could allow attackers to bypass Apple’s System Integrity Protection (SIP) in macOS by loading third party kernel extensions. SIP is a security technology that restricts the performance of operations that may Read More …

Nominet confirms cybersecurity incident linked to Ivanti VPN hacks

Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent exploitation of a new Ivanti VPN vulnerability. In an email to customers, seen by TechCrunch, Nominet warned of Read More …

UK: Hackney Council still addressing 2020 cyber attack

Hackney Council has bought a new housing management system – technology that supports local authorities manage housing – as it tries to address the damage from a cyber attack four years ago. The October 2020 cyber attack left a lasting Read More …

Burning Zero Days: Suspected Nation-State Adversary Targets Ivanti CSA

Today FortiGuard Labs is releasing this blog post about a case where an advanced adversary was observed exploiting three vulnerabilities affecting the Ivanti Cloud Services Appliance (CSA). At the time of our investigation, two out of the three identified vulnerabilities Read More …

Meet FunkSec: A New, Surprising Ransomware Group, Powered by AI

The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month. FunkSec operators appear to use AI-assisted malware development, which can enable even inexperienced actors to quickly produce and Read More …

Cracking the Code: How Banshee Stealer Targets macOS Users

Since September, Check Point Research (CPR) has been monitoring a new version of the Banshee macOS Stealer, a malware that steals browser credentials, cryptocurrency wallets, and other sensitive data. Undetected for over two months, Banshee’s latest version introduced string encryption Read More …

Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit

In December 2024, two critical vulnerabilities in Microsoft’s Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments. In Read More …

Google Chrome AI extensions deliver info-stealing malware in broad attack

Small businesses and boutique organizations should use caution when leaning on browser-friendly artificial intelligence (AI) tools to generate ideas, content, and marketing copy, as a set of Google Chrome extensions were recently compromised to deliver info-stealing malware disguised as legitimate Read More …