Cybercrime
-
New WinRAR Vulnerability Poses Risk of Arbitrary Code Execution
A newly disclosed vulnerability in WinRAR allows attackers to bypass essential Windows security mechanisms, enabling arbitrary code execution on affected systems, prompting urgent updates and user vigilance.
-
Oracle Acknowledges Data Breach Amid Lawsuit Over Concealment
Oracle Corp. has admitted to a significant data breach, revealing that a hacker accessed sensitive client login details, shortly after a lawsuit accused the company of attempting to cover up the incident. The breach has raised serious concerns about cloud security and has led to legal action amid calls for enhanced security measures.
-
NSA Issues Warning on Fast Flux Technique Threatening National Security
The NSA has issued a grave warning about the fast flux technique being exploited by cybercriminals and nation-states, which obscures malicious activities and threatens national security.
-
North Korean Hackers Expand Malicious Software Distribution via npm
North Korean hackers have expanded their distribution of malicious software through the npm ecosystem, targeting developers with newly identified packages that deploy the BeaverTail malware and a remote access trojan. Security experts warn of the persistent threat posed by this group as they adopt sophisticated methods to evade detection.
-
Emerging Cybercriminal Coquettte Exposed for Leveraging Russian Bulletproof Hosting Service
An investigation reveals Coquettte, a novice cybercriminal, who exploited a Russian bulletproof hosting service to distribute malware under the guise of an antivirus tool. This has raised significant cybersecurity concerns regarding emerging threats in the digital landscape.
-
Massive Data Breach at Royal Mail Group Raises Concerns Over Supplier Security
Royal Mail Group has suffered a data breach revealing 144GB of sensitive data, raising alarms over the security of third-party supplier Spectos and highlighting ongoing vulnerabilities within the postal service’s cybersecurity posture.
-
Australian Retirement Funds Targeted in Cyberattack, Thousands Affected
The Australian retirement fund sector is in turmoil following a series of cyberattacks that have led to unauthorized access of customer accounts. Approximately 8,000 members of Rest super fund have been identified as potentially affected, with broader implications for other funds as investigations continue into the security breaches.
-
New Phishing-as-a-Service Operation Utilizes Advanced Evasion Techniques
The Morphing Meerkat phishing operation employs advanced techniques including DNS over HTTPS to evade detection and deliver dynamic spoofed login pages for over 114 brands.
-
Russian Authorities Arrest Suspects Behind Mamont Banking Trojan
Russian authorities have made significant strides in combating cybercrime with the arrest of three suspects involved in the development of the Mamont malware, a banking trojan targeting Android devices. The arrests, part of a broader crackdown on cyber threats, highlight ongoing efforts to address the rising challenges posed by financial fraud.
-
New Cybercrime Platform Automates Credential Stuffing Attacks on 140 Online Services
The newly discovered Atlantis AIO platform automates credential stuffing attacks against 140 online services, providing cybercriminals with tools to exploit vulnerabilities in systems lacking adequate security measures.