How secret rise of zero-day brokers is causing worldwide security risks

Zero-day hackers exploit security vulnerabilities in software that the developers of that software are often completely oblivious about. Imagine scrolling through your social media feed when a notification pops up, seemingly from a trusted friend. It contains a funny meme Read More …

Police bust global cyber gang accused of industrial-scale fraud

Police have taken down a gang accused of using a technology service that helped criminals use fraudulent text messages to steal from victims. They have arrested 37 people worldwide and are contacting victims. Officers say younger people who grew up Read More …

SoumniBot: the new Android banker’s unique techniques

The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or Read More …

Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters

Attackers are constantly seeking new vulnerabilities to compromise Kubernetes environments. Microsoft recently uncovered an attack that exploits new critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity. OpenMetadata is an open-source platform designed Read More …

CVE-2024-3400: Critical Command Injection Vulnerability in Palo Alto Networks Firewalls

On Friday, April 12, Palo Alto Networks published an advisory on CVE-2024-3400, a CVSS 10 zero-day vulnerability in several versions of PAN-OS, the operating system that runs on the company’s firewalls. According to the vendor advisory, if conditions for exploitability Read More …

Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread

Last year, a command injection vulnerability, CVE-2023-1389, was disclosed and a fix developed for the web management interface of the TP-Link Archer AX21 (AX1800). FortiGuard Labs has developed an IPS signature to tackle this issue. Recently, their researchers observed multiple Read More …

Trust Wallet Issues Warning to Apple Users About Zero-Day Exploit in iMessage

Trust Wallet, a popular web3 wallet, has issued a warning to Apple users, urging them to disable iMessage due to “credible intel” regarding a zero-day exploit. The company shared the alert on X, stating that the exploit, which is being Read More …

From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering

Proofpoint researchers track numerous state-sponsored and state-aligned threat actors. TA427 (also known as Emerald Sleet, APT43, THALLIUM or Kimsuky), a Democratic People’s Republic of Korea (DPRK or North Korea) aligned group working in support of the Reconnaissance General Bureau, is Read More …

Cisco Duo says a third-party data breach stole MFA SMS logs

Cisco Duo has confirmed some sensitive customer data was stolen after a third-party cyber-incident. In a breach notification letter sent to affected customers, Cisco Duo said that its telephony provider, which it didn’t name, was compromised on April 1 2024. Read More …