Author: nlqip
Feb 27, 2024The Hacker NewsMalware / Network Security An “intricately designed” remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it available to other actors at no extra cost. Written in C# and compatible with Windows 10 and Windows 11 operating systems, the open-source RAT comes with a “comprehensive set…
Read MoreChina Surveillance Company Hacked Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese national and local government. Lots of details in the news articles. These aren’t details about the tools or techniques, more the inner workings of the…
Read More
Since 2020 when we started to record ransomware attacks and trends, LockBit has continually stayed on top as the most active ransomware gang when it comes to publicly disclosed ransomware attacks. Last year, LockBit attacks made the news with 83 attacks, 13% of all publicly disclosed attacks recorded. In 2023, we began monitoring undisclosed attacks,…
Read More
Feb 27, 2024NewsroomSupply Chain Attack / Data Security Cybersecurity researchers have found that it’s possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks. “It’s possible to send malicious pull requests with attacker-controlled data from the Hugging Face service to any repository…
Read More
After two years of work, the US National Institute of Standards and Technology (NIST) has issued the 2.0 version of its widely referenced Cybersecurity Framework (CSF), expanding upon the draft 2.0 version it issued in September. The CSF 2.0, cited in President Biden’s National Cybersecurity Strategy and several emerging government cybersecurity policy statements, has shifted…
Read More
Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional’s role. Threat intelligence platforms can significantly enhance their ability to do so. Let’s find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload The modern SOC faces a relentless barrage of security alerts generated…
Read More
Feb 27, 2024NewsroomCloud Security / Threat Intelligence Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to…
Read More
Follow this user-friendly guide for installing SSL on Nginx. Get your SSL certificate ready and use our easy instructions for SSL installation on NGINX web server. Ensuring the safety of your Nginx web server is extremely important for protecting sensitive data. You can boost your site’s trustworthiness and ensure user data confidentiality through robust security…
Read More
Feb 27, 2024NewsroomWebsite Security / Cryptojacking A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and…
Read More
Cost to join: Annual individual membership, $1,250. FirstBoard.io bills itself as a “curated collective of female tech founders, CXOs, and operating leaders working together to increase female representation on company boards” in a variety of industries, including cybersecurity, cloud, enterprise software, artificial intelligence, robotics, and internet of things. Founded in 2020 by Rita Scroggin, an…
Read More