Category Security

Dec 13, 2024Ravie LakshmananCyber Attack / Malware A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity…

Leadership training and skills are severely lacking in the cybersecurity industry, according to ISC2’s Cybersecurity Leadership Survey. The accreditation and training body found that in responses to open-ended inquiries, survey participants indicated that their cybersecurity leaders demonstrate limited or no…

Dec 13, 2024The Hacker NewsLinux / Vulnerability A security flaw has been disclosed in OpenWrt’s Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS…

Threat actors’ abuse of legitimate Microsoft tools rose by 51% in the first half of 2024 compared to 2023, according to Sophos’ latest Active Adversary Report. The researchers observed 187 unique Microsoft Living Off the Land Binaries (LOLbins) used by…

The US Government has offered a $5m reward for information that leads to the disruption of financial mechanisms of persons engaged in a fake IT worker scheme targeting US firms that support the Democratic People’s Republic of Korea (DPRK).  The…

Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of…

Ransomware claims reached an all-time high in November 2024, with Corvus Insurance reporting 632 victims claimed on ransomware groups’ data leak sites (DLS). More than double the monthly average of 307 victims, the November count exceeds the previous peak of…

Dec 13, 2024The Hacker NewsIoT Security / Operational Technology Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed…

Researchers at industrial cybersecurity provider Claroty have discovered a new tool nation-state cyber threat actors use to attack civilian critical infrastructure. Team82, Claroty’s threat intelligence research team, obtained a sample of IOCONTROL, custom-built malware that infects Internet of Things (IoT)…

Dec 13, 2024Ravie LakshmananLinux / Threat Analysis Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. “PUMAKIT is…