cybersecurity
Internet Explorer still used as a malware vehicle by threat actors
Microsoft’s notorious Internet Explorer has been brought out of retirement by threat actors using its security holes to serve malware. The team at Check Point Research said it spotted a new attack in the wild which uses the ancient web browser as the delivery vehicle for malware infections. The process involves the use of a […]
How AI can make security more proactive and less reactive
In November 2022, the wider world suddenly became aware of the power and potential of artificial intelligence as ChatGPT was made available to the general public. Yet information-security practitioners were already familiar with automation and machine learning, which they had been using for many years in the forms of security orchestration, automation and response (SOAR) […]
Russia Blocks VPN Services in Information Crackdown
In a new move to restrict access to information, the Russian government has requested the removal of several virtual private access (VPN) products as well as the ban of voice over IP (VoIP) services. The London-based independent Russian media outlet MediaZona reported on July 4 that Apple removed 25 VPN apps from its App Store following a request from Roskomnadzor, […]
New APT CloudSorcerer Malware Hits Russian Target
Cybersecurity researchers have uncovered a new advanced persistent threat (APT) targeting Russian government entities, dubbed CloudSorcerer. This sophisticated cyberespionage tool, discovered by Kaspersky in May 2024 and discussed in an advisory published by the firm on June 8, is designed for stealth monitoring, data collection and exfiltration, utilizing Microsoft Graph, Yandex Cloud and Dropbox for […]
Australian police arrest hacker who created ‘Evil Twin’ wireless network to steal data during flights
Hacker faces multiple charges that carry multiple years imprisonment The Australian Federal Police recently arrested and charged a man who used an ‘Evil Twin’ free Wi-Fi access point to steal data from victims on a domestic flight. 42-year-old Michael Clapsis now faces nine cybercrime charges for the alleged attack. According to the official reports, The AFP’s […]
Microsoft patents a technique to display encrypted documents so only you can see them
It seems to be a better system than AMD’s Privacy View feature but like all of them, it can’t solve one key issue. If you’re working on an important document in a busy environment and don’t want people to see what you’re doing at a glance, then you could use a privacy screen on the […]
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
A newly patched zero-day vulnerability was exploited by Chinese state-backed hackers to compromise Cisco Nexus switches, researchers have revealed. Cisco released a patch for CVE-2024-20399 on 2 July, 2024. The flaw is found in the CLI of Cisco NX-OS software and could allow an authenticated local attacker to execute arbitrary commands as root on a […]
WordPress Plugins at Risk From Polyfill Library Compromise
WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by Patchstack today. The advisory references a Polyfill supply chain attack initially reported on June 25 by Sansec. This attack targets Polyfill.js, a widely used JavaScript library that enables modern functionality on older web browsers lacking native […]
Nvidia patches five high-severity bugs in its software
High-flying Nvidia took care of some routine business on June 6 when it reported three high-severity bugs in its GPU Display Driver and another two high-severity bugs in Nvidia’s vGPU software. In a security bulletin to customers, Nvidia said an exploit of the GPU Display Driver bugs could lead to a combination or all of […]
CapraRAT malware targeting Android users with fake apps
A politically driven threat actor has unleashed a fresh malware offensive targeting Android devices. Experts at SentinelLabs have identified a new tool, CapraRAT, deployed by the Pakistani state-sponsored hacking group Transparent Tribe. This sophisticated trojan is designed to monitor user activities, with Indian users being the primary focus. Echoing its past strategies, Transparent Tribe’s CapraRAT […]