Tag: network security
The cybersecurity vendor says it has made things official for Levy, who was appointed acting CEO in February, while the company has also poached Imperva’s CFO. Sophos said Monday that Joe Levy has been named permanent CEO while the cybersecurity giant also announced the appointment of a new CFO. Levy, who was named acting CEO…
Read More
May 20, 2024NewsroomCyber Attack / Threat Intelligence An Iranian threat actor affiliated with the Ministry of Intelligence and Security (MOIS) has been attributed as behind destructive wiping attacks targeting Albania and Israel under the personas Homeland Justice and Karma, respectively. Cybersecurity firm Check Point is tracking the activity under the moniker Void Manticore, which is…
Read More
Multiple threat actors are weaponizing a design flaw in Foxit PDF Reader to deliver a variety of malware such as Agent Tesla, AsyncRAT, DCRat, NanoCore RAT, NjRAT, Pony, Remcos RAT, and XWorm. “This exploit triggers security warnings that could deceive unsuspecting users into executing harmful commands,” Check Point said in a technical report. “This exploit…
Read More
May 20, 2024The Hacker NewsSoftware Security / Vulnerability All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into their applications. Unfortunately, developers are not writing their own code for the most part these days. 96%…
Read More
May 20, 2024NewsroomMalvertising / Cryptocurrency A “multi-faceted campaign” has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro. “The presence of multiple malware…
Read More
May 20, 2024NewsroomCyber Attack / Malware Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware. “These campaigns typically involve a recognizable infection chain involving oversized JavaScript files that utilize WMI’s ability to invoke msiexec.exe…
Read More
The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies. The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles on April 12 and May 16, respectively. The foreign…
Read More
May 19, 2024NewsroomBanking Troja / Email Security The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January. The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target over 1,500 banks across the world, spanning more…
Read More
May 17, 2024NewsroomCryptojacking / Malware The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet. The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating…
Read More
Long View Systems, T-Rex Solutions, NexusTek, Secureworks, Deepwatch and Five9 are among the companies to list open positions for channel-related roles. This month, Long View Systems, T-Rex Solutions and NexusTek are among the solution providers to list open positions while Secureworks, Deepwatch and Five9 are among the vendors to list open positions for channel-related roles.…
Read More