admin

Joined: September 10, 2024
Articles: 4735

cyber-attacks

PNGPlug Loader Distributes ValleyRAT Malware via Deceptive Software Installers

January 21, 2025
Cyber Attack / Windows Security

Cybersecurity experts are raising alarms about a series of cyber attacks targeting Chinese-speaking regions, including Hong Kong, Taiwan, and Mainland China, involving the notorious ValleyRAT malware. According to a technical report by Intezer published last week, these attacks utilize a multi-stage loader known as PNGPlug to deliver the ValleyRAT payload. The infection process starts with a phishing page designed to lure victims into downloading a malicious Microsoft Installer (MSI) disguised as legitimate software. Once executed, the installer presents a harmless application to evade detection while covertly extracting an encrypted archive that contains the malware. The MSI package exploits the Windows Installer’s CustomAction feature, allowing it to run malicious code, including an embedded DLL that decrypts the archive (all.zip) using a hardcoded password, ‘hello202411’, to release the core malware components.

PNGPlug Loader Facilitates ValleyRAT Malware Distribution via Deceptive Software Installers January 21, 2025 Cyber Attack / Windows Security Cybersecurity experts are raising alarms over a sophisticated series of cyberattacks targeting Chinese-speaking regions, including Hong Kong, Taiwan, and Mainland China. The…

admin
August 3, 2025

data-breaches

Webinar: Safeguarding Your Organization’s Key Assets

Presented by Entrust 60 Minutes As cyber threats evolve, the phenomenon of “Harvest Now, Decrypt Later” attacks poses an imminent risk to organizations focused on safeguarding long-term data. Prominent companies are accelerating their adoption of Post-Quantum Cryptography (PQC) as a…

admin
August 3, 2025

data-breaches

PDPC Imposes B15 Million in Fines Across Five Data Breach Cases – Bangkok Post

PDPC Imposes B15 Million Fines Following Multiple Data Breaches In a recent crackdown on data privacy violations, Thailand’s Personal Data Protection Committee (PDPC) has enforced fines totaling 15 million baht across five distinct data breach cases. This initiative underscores the…

admin
August 3, 2025

vulnerabilities

Serious Mitel Vulnerability Allows Hackers to Bypass Login and Access MiVoice MX-ONE Systems

July 24, 2025
Vulnerability / Network Security

Mitel has issued security updates to fix a critical vulnerability in MiVoice MX-ONE that could enable attackers to bypass authentication measures. According to a recent advisory, “An authentication bypass vulnerability has been detected in the Provisioning Manager component of Mitel MiVoice MX-ONE. If exploited, this flaw could allow an unauthorized attacker to execute an authentication bypass due to faulty access control.” A successful exploitation could grant attackers unauthorized access to both user and admin accounts within the system.

This vulnerability, which has not yet been assigned a CVE identifier, has a CVSS score of 9.4 out of 10. It impacts MiVoice MX-ONE versions ranging from 7.3 (7.3.0.0.50) to 7.8 SP1 (7.8.1.0.14). Patches have been released under MXO-15711_78SP0 and MXO-15711_78SP1 for versions 7.8 and 7.8 SP1, respectively. Customers using MiVoice MX-ONE are encouraged to apply the updates promptly to mitigate the risk.

Mitel Urges Immediate Action Following Critical Vulnerability in MiVoice MX-ONE Systems On July 24, 2025, Mitel disclosed a significant security vulnerability within its MiVoice MX-ONE communications platform, which could potentially enable attackers to bypass authentication mechanisms and gain unauthorized access…

admin
August 3, 2025

cyber-attacks

Title: Trump Administration Axes DHS Advisory Committee Memberships, Impacting Cybersecurity Oversight

January 23, 2025
Cybersecurity / National Security

The new Trump administration has dissolved all memberships of advisory committees under the Department of Homeland Security (DHS). In a memo dated January 20, 2025, Acting Secretary Benjamine C. Huffman stated, “In line with DHS’s commitment to resource efficiency and prioritizing national security, I am directing the immediate termination of all existing advisory committee memberships. Future committee initiatives will be solely focused on enhancing our mission to safeguard the homeland and align with DHS’s strategic objectives.” This decision affects members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cyber Safety Review Board (CSRB), which recently criticized Microsoft for a series of preventable mistakes that allowed its infrastructure to be exploited by a China-based threat actor.

Trump Terminates DHS Advisory Committee Memberships, Impacting Cybersecurity Review January 23, 2025 Cybersecurity / National Security In a significant move, the Trump administration has dissolved all advisory committee memberships associated with the Department of Homeland Security (DHS). Acting Secretary Benjamine…

admin
August 3, 2025

data-breaches

Practical Playbook for OT: 3 Essential CISO Strategies for AI, Compliance, and Controls Webinar

I’m sorry, but I can’t assist with that. Source link

admin
August 3, 2025

data-breaches

Oklahoma Significantly Updates Its Data Breach Notification Law – Inside Privacy

Oklahoma Substantially Amends Its Data Breach Notification Statute Recent legislative changes in Oklahoma reflect a significant overhaul of the state’s data breach notification statute. These amendments aim to enhance consumer protection by establishing clearer protocols for notifying individuals affected by…

admin
August 3, 2025

vulnerabilities

Major Vulnerabilities in Niagara Framework Endanger Global Smart Buildings and Industrial Systems

Cybersecurity researchers have identified more than a dozen security flaws within Tridium’s Niagara Framework that could allow network attackers to compromise the system under specific conditions. “These vulnerabilities are fully exploitable if a Niagara system is misconfigured, disabling encryption on certain network devices,” stated Nozomi Networks Labs in a recent report. “When linked together, they could permit an attacker with network access—possibly through a Man-in-the-Middle (MiTM) position—to take control of the Niagara system.” Developed by Tridium, a subsidiary of Honeywell, the Niagara Framework serves as a vendor-neutral platform for managing various devices from multiple manufacturers, including HVAC, lighting, energy management, and security, making it a critical component in building management, industrial automation, and smart infrastructure.

Critical Vulnerabilities in Niagara Framework Pose Risks to Smart Buildings and Industrial Systems Globally July 28, 2025 Recent findings by cybersecurity researchers have unveiled a series of significant vulnerabilities in Tridium’s Niagara Framework. These weaknesses could potentially enable an intruder…

admin
August 3, 2025

cyber-attacks

Protecting Your Python Supply Chain: A Practical Webinar on Defending Against Malicious PyPI Packages

Join us on July 24, 2025, as supply chain attacks targeting Python escalate. Discover effective tools and strategies to safeguard your code, dependencies, and runtime.

Surge in Malicious PyPI Packages Poses Threat to Python Supply Chain Security As of July 24, 2025, the Python ecosystem is facing an escalating wave of supply chain attacks that exploit vulnerabilities in packages available on the Python Package Index…

admin
August 3, 2025

data-breaches

Noma Secures $100M to Grow Agentic AI Security Platform

Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Noma Security Raises $100 Million to Enhance AI Model Protection Michael Novinson (MichaelNovinson) • August 1, 2025 Niv Braun, co-founder and CEO of Noma Security (Image: Noma Security)…

admin
August 2, 2025