In its February 2024 Patch Tuesday updates, Microsoft has issued fixes for 73 security vulnerabilities across its software ecosystem, including two zero-day flaws currently under active exploitation. Among these vulnerabilities, five have been categorized as Critical and 65 as Important, while three have a Moderate severity rating. This release also…
A sophisticated phishing campaign observed since May 2020 has been increasingly targeting corporate leaders across various sectors, including manufacturing, real estate, finance, government, and technology. The primary objective is to extract sensitive information from these high-ranking individuals. This campaign employs social engineering techniques, specifically by sending emails that falsely notify…
A recently identified malware campaign, dubbed DarkGate, has raised alarms in the cybersecurity community. It exploits a now-patched security vulnerability in Microsoft Windows, known as CVE-2024-21412, which was used as a zero-day attack vector through fraudulent software installers. This incident was first observed in mid-January 2024, wherein attackers deceived users…
Cybersecurity firm Trend Micro recently revealed that a significant data breach involved an employee who improperly accessed personal information belonging to thousands of customers, driven by “clear criminal intent.” This insider threat occurred earlier this year, with the company taking immediate actions upon discovery. While businesses have implemented various defensive…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
Recent cybersecurity investigations have revealed that hackers believed to be affiliated with Iran are intensively targeting academic institutions, government bodies, and tourism organizations throughout the Middle East and its neighboring countries. This campaign appears to be focused on espionage and data theft. Trend Micro has named this operation “Earth Vetala,”…
A renewed campaign backed by the North Korean government is targeting cybersecurity researchers through sophisticated social engineering tactics involving malware. This resurgence was detailed in a recent report from Google’s Threat Analysis Group (TAG). According to TAG, the attackers established a fictitious security firm named SecuriElite and created multiple social…
Progress Software Addresses Security Vulnerabilities in WhatsUp Gold Progress Software has announced a significant update to its WhatsUp Gold product, rectifying six security vulnerabilities, two of which are classified as critical. This update, version 24.0.1, was released on September 20, 2024, and is a response to serious lapses in the…
Microsoft has announced the release of security updates addressing 118 vulnerabilities in its software suite, two of which have been identified as actively exploited vulnerabilities in the wild. Among these vulnerabilities, three have been classified as Critical, while 113 are rated Important, and two are deemed Moderate. Notably, this Patch…
