News
-
New Phishing-as-a-Service Operation Utilizes Advanced Evasion Techniques
The Morphing Meerkat phishing operation employs advanced techniques including DNS over HTTPS to evade detection and deliver dynamic spoofed login pages for over 114 brands.
-
Russian Authorities Arrest Suspects Behind Mamont Banking Trojan
Russian authorities have made significant strides in combating cybercrime with the arrest of three suspects involved in the development of the Mamont malware, a banking trojan targeting Android devices. The arrests, part of a broader crackdown on cyber threats, highlight ongoing efforts to address the rising challenges posed by financial fraud.
-
Security Bypasses Detected in Ubuntu Linux’s User Namespace Restrictions
A new report from Qualys reveals that three security bypasses have been found in Ubuntu Linux’s user namespace restrictions, potentially allowing local attackers to exploit kernel vulnerabilities. Canonical is working on enhancing AppArmor protections in response.
-
Cloudflare Open-Sources OPKSSH to Enhance SSH Management with Single Sign-On Integration
Cloudflare has announced the open-sourcing of OPKSSH, a tool that integrates single sign-on technologies into SSH management, enhancing security and user convenience by replacing long-lived SSH keys with ephemeral keys generated on demand.
-
New Cybercrime Platform Automates Credential Stuffing Attacks on 140 Online Services
The newly discovered Atlantis AIO platform automates credential stuffing attacks against 140 online services, providing cybercriminals with tools to exploit vulnerabilities in systems lacking adequate security measures.
-
Sam’s Club Investigates Potential Clop Ransomware Breach
Sam’s Club is investigating claims of a potential Clop ransomware breach, amidst heightened scrutiny on security measures. The supermarket chain operates hundreds of locations across multiple countries and prioritizes customer data security.
-
Fake DeepSeek Ads Spread Malware Through Google Search Results
Fake ads impersonating the AI company DeepSeek are spreading malware via Google search results, with the campaign identified by Malwarebytes researchers. The ads lead users to malicious sites that deploy a Trojan targeting cryptocurrency wallets.
-
FamousSparrow Hackers Enhance Cyber Attacks with Modular Backdoor
A China-linked cyberespionage group known as FamousSparrow has intensified its operations by deploying an upgraded version of its backdoor malware, SparrowDoor, against several organizations, including a US-based trade group. ESET researchers have identified significant improvements in the malware’s structure and capabilities, raising concerns about the group’s access to advanced cyber tools.
-
Malaysian PM Declines $10 Million Ransom Following Cyber Attack on Kuala Lumpur Airport
Malaysian Prime Minister Anwar Ibrahim has firmly rejected a $10 million ransom demand from hackers following a cyber attack that disrupted operations at Kuala Lumpur International Airport, emphasizing the importance of national cybersecurity.
-
New Phishing Kit Targets Users by Impersonating 114 Brands Using DNS
Cybersecurity researchers have identified a new phishing-as-a-service platform dubbed Morphing Meerkat, which utilizes DNS records to execute targeted phishing attacks against 114 brands, employing sophisticated techniques to manage and disseminate stolen credentials.
