Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. CVE-2023-46604 exploitation Apache ActiveMQ is a popular Java-based open sourc.....»»
New macOS malware impersonates popular apps then steals your data
Security researchers have discovered new macOS malware that’s built to steal your most sensitive data. Dubbed ‘Cthulhu Stealer,’ the malware targets users by impersonating popular apps so it can harvest your system password, iCloud Keychain pas.....»»
Evolved and more powerful macOS malware strain sold cheaply to criminals
Researchers have discovered another data-seizing macOS malware, with "Cthulhu Stealer" sold to online criminals for just $500 a month.Cthulhu Stealer in action [Cado Security]The Mac is becoming even more of a target for malware, with warnings surfac.....»»
This new Android malware can steal your card details via the NFC chip
Security researchers spot a sophisticated attack that steals people's NFC data and can be used to steal money, and more......»»
New Chrome zero-day actively exploited, patch quickly! (CVE-2024-7971)
A new Chrome zero-day vulnerability (CVE-2024-7971) exploited by attackers in the wild has been fixed by Google. About CVE-2024-7971 CVE-2024-7971 is a high-severity vulnerability caused by a type confusion weakness in V8, the open-source JavaScript.....»»
Android malware uses NFC to steal money at ATMs
ESET researchers uncovered NGate malware, which can relay data from victims’ payment cards via a malicious app installed on their Android devices to the attacker’s rooted Android phone. Attack overview (Source: ESET) Unauthorized ATM withdrawals.....»»
According to the UN, Canadians with intellectual disabilities are being exploited
Canada was recently criticized by Tomoya Obokata, the United Nations Special Rapporteur on Contemporary Forms of Slavery, in relation to the shortcomings of the temporary foreign worker program......»»
When Will Apple Release iOS 18.1?
Apple’s currently testing two versions of iOS 18. One version is iOS 18.0, the version will arrive alongside the iPhone 16 series. The other is iOS 18.1, the version that will deliver the company’s initial batch of Apple Intelligence feat.....»»
0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)
CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ computers, Gen Digital researchers have revealed. About CVE-2024-38193 CVE-202.....»»
Cybercriminals exploit file sharing services to advance phishing attacks
Threat actors use popular file-hosting or e-signature solutions as a disguise to manipulate their targets into revealing private information or downloading malware, according to Abnormal Security. A file-sharing phishing attack is a unique type of ph.....»»
Vulnerability in Microsoft apps allowed hackers to spy on Mac users
A vulnerability found in Microsoft apps for macOS allowed hackers to spy on users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the explo.....»»
Windows 0-day was exploited by North Korea to install advanced rootkit
FudModule rootkit burrows deep into Windows, where it can bypass key security defenses. Enlarge (credit: Getty Images) A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on be.....»»
Australia"s nature is in deep crisis. These three easy steps could give new environmental laws teeth
The Albanese government's environmental reforms are likely to feature prominently on federal parliament's agenda this week. A Senate inquiry into the long-awaited reforms is due to deliver its findings on Monday. Meanwhile, the Coalition is reportedl.....»»
x64dbg: Open-source binary debugger for Windows
x64dbg is an open-source binary debugger for Windows, designed for malware analysis and reverse engineering of executables without access to the source code. It offers a wide range of features and a plugin system, allowing you to customize and extend.....»»
He dreamed of the ultimate boxing game. Now he’s working with champions
Undisputed looks to deliver a meticulously detailed boxing simulator. To test that vision, we watched the real thing with its creator......»»
Week in review: MS Office flaw may leak NTLM hashes, malicious Chrome, Edge browser extensions
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited.....»»
Apple"s Mac mini drops to as low as $499, grab discounts up to $250 off
Today's best Mac mini deals deliver price cuts of up to $250 off and prices as low as $499.The current Mac mini is a popular choice among budget-conscious consumers who are eager to enter the Mac ecosystem. Thanks to back-to-school deals from leading.....»»
This new threat proves that Macs aren’t immune from malware
The latest malware threat for Mac users targets popular browsers that you could be using this very instant. Which ones are affected?.....»»
Banshee Stealer malware haunts browser extensions on macOS
Security researchers have discovered a new malware for macOS, which can be used to attack over 100 browser extensions that may be installed on the target Mac.Web browser extensions are the target of Banshee Stealer on macOSApple tries hard to make ma.....»»
Business and tech consolidation opens doors for cybercriminals
Cyber threats continued to intensify in the first half of 2024 as cybercriminals exploited security gaps from growing business and technological consolidation, according to Resilience. Consolidation in business and tech fuels new third-party risks Re.....»»
IntelOwl: Open-source threat intelligence management
IntelOwl is an open-source solution designed for large-scale threat intelligence management. It integrates numerous online analyzers and advanced malware analysis tools, providing comprehensive insights in one platform. “In late 2019, I faced a.....»»