Malware & Threats

Issued by: The Hacker News

Cybersecurity researchers are sounding the alarm over an ongoing campaign that’s leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. “Unbeknownst to…

Malware & Threats

Issued by: DataBreach Today

The U.K. National Health Service is urging hospitals across the country to limit the use of rare O-negative type blood after a ransomware attack on a British laboratory service provider crippled blood donations across the country. The NHS Blood and Transplant service on Thursday issued an amber alert to hospitals stating that the combination of…

Malware & Threats

Issued by: Dark Reading

Cybercriminals are using last week’s CrowdStrike outage as a vehicle for social engineering attacks against the security vendor’s customers. In the hours after the event that grounded planes, shuttered stores, closed down medical facilities, and more, national cybersecurity agencies in the US, UK, Canada, and Australia all reported follow-on phishing activity by petty criminals. That…

Featured Post
Malware & Threats

Issued by: Dark Reading

Malicious actors are targeting users of a mobile currency game by using fake Android and Windows software that installs spyware and other malware. Hamster Kombat launched in March and already has more than 250 million users, likely due to the promises of winning TON-based cryptocurrency. The game is for Android users, who can earn in-game…

Malware & Threats

Issued by: DataBreach Today

North Korean Hackers Target macOS Users North Korean state-sponsored hackers are targeting macOS users with a new variant of their BeaverTail malware, spreading it through a malicious version of the video-calling service Microtalk. Cybersecurity researcher Patrick Wardle revealed that the attackers trick victims into downloading the infected software by posing as recruiters offering job interviews….

Featured Post
Vulnerabilities

Issued by: Security Affairs

Cisco has addressed a critical vulnerability, tracked as CVE-2024-20419 (CVSS score of 10.0), in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers that allows attackers to change any user’s password. The issue is due to an improper implementation in the password-change process. Threat actors can trigger the vulnerability by sending specially crafted HTTP…

Software Security

Issued by: Dark Reading

As organizations continue to fortify their cybersecurity strategies in response to an ever-evolving threat landscape, many are turning to Zero Trust architectures to safeguard their data. However, implementing Zero Trust is not without its challenges. According to a new strategy guide from the SANS Institute, “Navigating the Path to a State of Zero Trust in…

Malware & Threats

Issued by: Naked Security

The latest annual Sophos study of the real-world ransomware experiences of energy, oil/gas and utilities sector – a core element of the critical infrastructure supporting businesses – explores the full victim journey, from attack rate and root cause to operational impact and business outcomes. This year’s report sheds light on new areas of study for…