Latest Cybersecurity News and Articles

Custom "Pygmy Goat" Malware Used in Sophos Firewall Hack on Government Network

The UK's National Cyber Security Centre (NCSC) has analyzed a Linux malware called "Pygmy Goat" that was developed to create backdoors in Sophos XG firewall devices as part of recent attacks by Chinese threat actors.

QNAP Patches Zero-Day Flaw in QuRouter Following Pwn2Own Ireland 2024 Exploits

The flaw, CVE-2024-50389, could allow hackers to compromise QuRouter devices, and QNAP has released a patch for the affected 2.4.x versions. Users are urged to update to version 2.4.5.032 or later immediately.

HookBot Uses Advanced Techniques Beyond Keylogging for Data Theft

Netcraft's recent study highlighted HookBot, an advanced Android banking trojan discovered in 2023, that uses overlay attacks, keylogging, and SMS interception to steal sensitive information like banking credentials and passwords.

Google Researchers Claim First Vulnerability Found Using AI

Researchers from Google Project Zero and Google DeepMind discovered a vulnerability using a large language model (LLM). The vulnerability was found in SQLite, an open-source database engine, and reported to developers before its official release.

New Interlock Ransomware Found Targeting FreeBSD Servers

A new ransomware group named Interlock has been attacking organizations worldwide by targeting FreeBSD servers with a unique encryptor. Launched in September 2024, Interlock has already hit six organizations, including Wayne County, Michigan.

Century Systems Routers Vulnerable to Remote Exploitation

Century Systems Co., Ltd. has issued a security advisory for its FutureNet NXR series routers due to a critical vulnerability (CVE-2024-50357) with a severity score of 9.8. This flaw allows attackers to exploit exposed REST-APIs remotely.

APT36 Deploys ElizaRAT and ApoloStealer in Attacks on Indian Targets

Over the past year, APT36 has been observed using three different versions of ElizaRAT in separate campaigns targeting Indian entities, with the latest version using Google Drive for command-and-control communications.

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

Security researchers have detected six security vulnerabilities in the Ollama artificial intelligence framework that could be used by attackers for malicious activities like denial-of-service, model poisoning, and model theft.

Okta Fixes Auth Bypass Bug After 3-Month Lull

Okta fixed a bug that could let hackers bypass authentication by using long usernames or lengthy domain names. Cybercriminals could exploit this security hole to access Okta AD/LDAP delegated authentication with just a username.

Beware of chalk-node: Malicious Package Steals Developer Data

A malicious package called “chalk-node” is pretending to be the legitimate “chalk” library. This imposter package contains a script that steals sensitive data from victims' computers and sends it to external servers.
