A new malware strain, ELF!tr, has been linked to the DaggerFly espionage group and used in the Lunar Peek campaign to target Linux-based network appliances. Its primary function is data exfiltration. How the Malware Works Uncovered by cybersecurity researchers at FortiGuard Labs, the…
Feb 04, 2025Ravie LakshmananVulnerability / Cyber Espionage A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW)…
Infostealers continued to grow in popularity on the cybercrime underground last year, with credentials from password stores appearing in 29% of malware samples analyzed by Picus Security. The security vendor’s Red Report 2025 examined over one million malware samples and…
Feb 04, 2025The Hacker NewsThreat Detection / Cloud Security As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities…
Texas Governor Greg Abbott has announced plans to create a Texas Cyber Command, designed to combat a “dramatic” rise in cyber-attacks targeting the US state. Abbott unveiled the Cyber Command as an emergency item during his State of the State…
Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek’s Artificial Intelligence (AI) platform, citing security risks. “Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security,” according to a…
Visitors to at least 17 e-commerce sites including Casio UK may have had their credit card details stolen by web skimmer malware, researchers have warned. Jscrambler said that the casio.co.uk infection was active January 14-24, but was remediated by the…
Feb 04, 2025Ravie LakshmananVulnerability / Mobile Security Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS…
Feb 04, 2025The Hacker NewsVulnerability / Cloud Security Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The…
Feb 04, 2025Ravie LakshmananVulnerability / SharePoint Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user’s credentials and stage follow-on attacks.…
All Rights Reserved. Kowatek Blog by IWUCHI
Home | About Us | Disclaimer | Privacy Policy | Contact Us
