Internet Security

CVE-2024-44243 macOS flaw allows persistent malware installation

January 15, 2025 add comment
Microsoft disclosed details of a vulnerability in Apple macOS that could have allowed an attacker to bypass the OS’s System Integrity Protection (SIP). Microsoft disclosed details of a now-patched... Read more »

FBI deleted China-linked PlugX malware from over 4,200 US computers

January 14, 2025 add comment
The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. Department of Justice reported. The Justice Department and FBI, along... Read more »

Russia-linked APT UAC-0063 target Kazakhstan in with HATVIBE malware

January 14, 2025 add comment
Russia-linked threat actor UAC-0063 targets Kazakhstan to gather economic and political intelligence in Central Asia. Russia-linked threat actors UAC-0063 is targeting Kazakhstan as part of a cyber espionage campaign... Read more »

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

January 14, 2025 add comment
Experts warn of a new campaign targeting an alleged zero-day in Fortinet FortiGate firewalls with management interfaces exposed online. Arctic Wolf researchers observed a campaign targeting Fortinet FortiGate firewalls... Read more »

Threat actors exploit Aviatrix Controller flaw to deploy backdoors and cryptocurrency miners

January 14, 2025 add comment
A critical vulnerability in Aviatrix Controller is actively exploited to deploy backdoors and cryptocurrency miners in the wild. A security researcher Jakub Korepta discovered a critical vulnerability, tracked as... Read more »

U.S. CISA adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

January 13, 2025 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds BeyondTrust PRA and RS and Qlik Sense flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency... Read more »

Inexperienced actors developed the FunkSec ransomware using AI tools

January 13, 2025 add comment
FunkSec, a new ransomware group that attacked more than 80 victims in December 2024, was developed using AI tools. The FunkSec ransomware-as-a-service (RaaS) group has been active since late... Read more »

Credit Card Skimmer campaign targets WordPress via database injection

January 13, 2025 add comment
Stealthy credit card skimmer targets WordPress e-commerce sites, injecting malicious JavaScript into CMS database tables to evade detection. Sucuri researchers warn of a stealthy credit card skimmer campaign targeting... Read more »

Microsoft took legal action against crooks who developed a tool to abuse its AI-based services

January 13, 2025 add comment
In December, Microsoft sued a group for creating tools to bypass safety measures in its cloud AI products. Microsoft filed a complaint with the Eastern District Court of Virginia... Read more »

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

January 12, 2025 add comment
Over the weekend, Italy faced new waves of DDoS attacks carried out by pro-Russia group NoName057(16). Pro-Russia hackers Noname057(16) targeted Italian ministries, institutions, critical infrastructure’s websites and private organizations... Read more »
Subscribe to our Newsletter