In today’s interconnected world, smartphones have become indispensable tools, playing critical roles in various daily activities, from food delivery to medical appointments. However, the increasing reliance on these devices raises urgent concerns about their security vulnerabilities. Recent findings from Oversecured, a cybersecurity startup, underscore the profound risks associated with mobile…
Iranian Cyber Espionage Group Targets Aerospace Defense Sector with Social Engineering Tactics An Iranian cyber espionage group has been implicated in a sophisticated attack designed to plant malware on the systems of an employee at an aerospace defense contractor. This operation, which has transpired over several years, underscores the evolving…
On Monday, cybersecurity researchers unveiled the existence of a newly identified re-implementation of the notorious Cobalt Strike Beacon for both Linux and Windows operating systems. This variant, dubbed “Vermilion Strike,” has been actively targeting a range of sectors, including government, telecommunications, IT, and financial institutions. This advanced yet undetected penetration…
On December 16, 2022, the DevOps platform CircleCI fell victim to a sophisticated cyberattack that compromised an employee’s laptop. Unidentified threat actors utilized malware to gain access to the employee’s two-factor authentication credentials and subsequently infiltrated CircleCI’s systems. The malware was notably able to bypass the company’s antivirus defenses, underscoring…
Two Eastern European nationals have received prison sentences in the United States for their involvement in “bulletproof hosting” services used by cybercriminals to distribute malware and target financial institutions between 2009 and 2015. Pavel Stassi, aged 30 from Estonia, has been sentenced to 24 months in prison, while Aleksandr Shorodumov,…
Amazon Web Services (AWS) faced significant downtime on Monday due to Domain Name System (DNS) resolution issues that triggered widespread disruptions across various online platforms. This incident underscored the global dependency on large cloud service providers, known as hyperscalers, and highlighted the complications both for these companies and their clients…
The Universe Browser has drawn attention with bold claims, positioning itself as the fastest web browser while promising enhanced privacy and safety for its users. However, a deeper examination raises significant concerns about its operations and potential risks to users. Recent research by Infoblox, a network security firm, has uncovered…
A recent cyber threat known as GlassWorm has been detected, specifically targeting developers utilizing Visual Studio Code extensions via the OpenVSX marketplace. Koi Security unveiled this campaign, which leverages trusted extensions to automatically propagate across various development environments while employing stolen credentials to facilitate further infections. Distinct from typical malware…
Recent investigations conducted by Qihoo 360’s Netlab security team have unveiled an emergent botnet named “Abcbot.” This entity demonstrates worm-like propagation methods, targeting Linux systems to execute distributed denial-of-service (DDoS) attacks on various victims. The botnet’s inception can be traced back to July 2021, yet its latest variants, identified as…
