Internet Security

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

July 24, 2024 add comment
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added... Read more »

China-linked APT group uses new Macma macOS backdoor version

July 24, 2024 add comment
China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) Evasive Panda has been spotted using an updated version of the macOS backdoor Macma. The China-linked APT group Daggerfly (aka Evasive... Read more »

FrostyGoop ICS malware targets Ukraine

July 23, 2024 add comment
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ICS... Read more »

Hackers abused swap files in e-skimming attacks on Magento sites

July 23, 2024 add comment
Threat actors abused swap files in compromised Magento websites to hide credit card skimmer and harvest payment information. Security researchers from Sucuri observed threat actors using swap files in... Read more »

US Gov sanctioned key members of the Cyber Army of Russia Reborn hacktivists group

July 23, 2024 add comment
The US government sanctioned two Russian hacktivists for their cyberattacks targeting critical infrastructure, including breaches of water facilities. The United States sanctioned Russian hacktivists Yuliya Vladimirovna Pankratova and Denis... Read more »

EvilVideo, a Telegram Android zero-day allowed sending malicious APKs disguised as videos

July 22, 2024 add comment
EvilVideo is a zero-day in the Telegram App for Android that allowed attackers to send malicious APK payloads disguised as videos. ESET researchers discovered a zero-day exploit named EvilVideo... Read more »

SocGholish malware used to spread AsyncRAT malware

July 22, 2024 add comment
The JavaScript downloader SocGholish (aka FakeUpdates) is being used to deliver the AsyncRAT and the legitimate open-source project BOINC. Huntress researchers observed the JavaScript downloader malware SocGholish (aka FakeUpdates)... Read more »

UK police arrested a 17-year-old linked to the Scattered Spider gang

July 22, 2024 add comment
Law enforcement arrested a 17-year-old boy from Walsall, U.K., for suspected involvement in the Scattered Spider cybercrime syndicate. Law enforcement in the U.K. arrested a 17-year-old teenager from Walsall... Read more »

Security Affairs Malware Newsletter – Round 3

July 21, 2024 add comment
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Hardening of HardBit    10,000 Victims a Day: Infostealer Garden of... Read more »

Security Affairs newsletter Round 481 by Pierluigi Paganini – INTERNATIONAL EDITION

July 21, 2024 add comment
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of... Read more »
Subscribe to our Newsletter