The UK’s financial regulators have scrapped plans to mandate that “critical third party” (CTP) organizations disclose new software vulnerabilities to them. The decision was taken in response to feedback on a new set of policies, which are designed to enhance…
Nov 14, 2024Ravie LakshmananMalware / Vulnerability A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS…
Arion Kurtaj, a teenager from the UK, amassed a fortune through audacious cybercrimes. From stealing Grand Theft Auto 6 secrets to erasing Brazil’s COVID vaccination data, his exploits were legendary. But his hacking spree took a bizarre turn when he…
A new technique by the Lazarus Advanced Persistent Threat (APT) group has been used by the threat actor to smuggle malicious code onto macOS systems, using custom extended attributes. This innovative method, observed by Group-IB, bypasses traditional security measures, enabling…
Researchers at Google Cloud believe the AI threat will worsen in 2025 despite not having had the catastrophic impact some analysts initially predicted. In its Cybersecurity Forecasts 2025, the tech giant anticipates that successful malicious use of AI observed in…
Nov 13, 2024Ravie LakshmananCyber Espionage / Malware The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the…
Ongoing campaigns by cybercriminal group Hive0145 have launched a series of attacks across Europe, deploying the sophisticated Strela Stealer malware to steal sensitive email credentials. IBM X-Force researchers reported in a new advisory today that this wave primarily targets Spain,…
Nov 13, 2024Ravie LakshmananThreat Intelligence / Cyber Espionage A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE,…
Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s inner workings, allowing the researchers to discover a “specific window…
Nov 13, 2024The Hacker NewsBrowser Security / SaaS Security The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
