Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware
Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-20.....»»
Feathers, cognition and global consumerism in colonial Amazonia
Amazonia is the home of the largest variety of birds in the world. In such a unique environment, craft cultures have flourished by translating the beauty and creativity of environmental materials like feathers into stunning pieces of art......»»
Beware of this malware disguising itself as a Chrome update
A new Android malware has been discovered. This time it comes in the form of a fake Chrome update that will steal your logins. The post Beware of this malware disguising itself as a Chrome update appeared first on Phandroid. Every now and.....»»
Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are “not aware at this time of any malicious a.....»»
Onyxia launches AI-powered predictive insights to optimize security management
Onyxia Cyber unveiled OnyxAI to deliver insights that enable security leaders to proactively optimize security performance, resource allocation, and risk management. “We are seeing a real need in the market for security solutions that can simplify.....»»
Researchers explore an old galactic open cluster
Using data from ESA's Gaia satellite, astronomers from Turkey and India have investigated NGC 188—an old open cluster in the Milky Way. Results of the study, published April 19 on the pre-print server arXiv, deliver important insights into the para.....»»
First high-resolution 3D nanoscale chemical imaging achieved with multi-modal tomography
By exploiting a smart learning algorithm that fuses two microscopy signals, University of Michigan researchers have accomplished high-resolution, efficient 3D chemical imaging for the first time at the one-nanometer scale. For context, a nanometer is.....»»
Scientists" research on RNA editing illuminates possible lifesaving treatments for genetic diseases
A team at Montana State University published research this month that shows how RNA, the close chemical cousin to DNA, can be edited using CRISPRs. The work reveals a new process in human cells that has potential for treating a wide variety of geneti.....»»
Security Bite: Did Apple just declare war on Adload malware?
Following the release of new betas last week, Apple snuck out one of the most significant updates to XProtect I’ve ever seen. The macOS malware detection tool added 74 new Yara detection rules, all aimed at a single threat, Adload. So what is it ex.....»»
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs
Stellar Cyber has revealed a new partnership with Acronis, to deliver an optimized threat detection and response solution enabling MSPs to protect on-premises, cloud, hybrid, and IT/OT environments most cost-effectively and efficiently possible. Thro.....»»
Fireblocks expands DeFi suite with threat detection features
Fireblocks introduced new security features to its DeFi suite: dApp Protection and Transaction Simulation. As the DeFi sector experiences unprecedented growth, the need for proactive security measures has never been more critical. With attackers taki.....»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»
Scientists map soil RNA to fungal genomes to understand forest ecosystems
If a tree falls in the forest—whether or not anyone registers the sound—one thing is for sure: there are lots of fungi around. Within a forest's soil, hundreds of species decompose debris, mobilize nutrients from that decay, and deliver those nut.....»»
Hackers are using developing countries for ransomware practice
Businesses in Africa, Asia, and South America hit before moving on to Western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia, and Sout.....»»
Hackers are carrying out ransomware experiments in developing countries
Businesses in Africa, Asia, and South America hit before moving on to western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia and South.....»»
Antivirus updates hijacked to drop dangerous malware
Malware discovered hiding in virus database updates by Avast researchers......»»
Secureworks enables users to view known vulnerabilities in the context of threat data
Secureworks announced the ability to integrate vulnerability risk context with threat detection to prevent attackers from exploiting known vulnerabilities and expedite response times, improving an organization’s security posture. The integration be.....»»
Global attacker median dwell time continues to fall
While the use of zero-day exploits is on the rise, Mandiant’s M-Trends 2024 report reveals a significant improvement in global cybersecurity posture: the global median dwell time – the time attackers remain undetected within a target environm.....»»
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher.....»»
Forcepoint DSPM safeguards sensitive information by examining data context and content
Forcepoint has launched Forcepoint Data Security Posture Management (DSPM), driven by AI to deliver real-time visibility, ease privacy compliance and minimize risks for data stored in multi-clouds and networks, including endpoints. Forcepoint DSPM ha.....»»
Hackers infect users of antivirus service that delivered updates over HTTP
eScan AV updates were delivered over HTTP for five years. Enlarge (credit: Getty Images) Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service.....»»