software vulnerability

New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide

Dec 21, 2023 by iHash Leave a Comment

A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estimated to have led to at least 50,000 infected user sessions spanning North America, South America, … [Read more...] about New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide

How One Vulnerable Device Can Spell Disaster

Dec 20, 2023 by iHash Leave a Comment

Dec 20, 2023NewsroomNetwork Security / Data Breach Ransomware groups are increasingly switching to remote encryption in their attacks, marking a new escalation in tactics adopted by financially motivated actors to ensure the success of their campaigns. "Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one … [Read more...] about How One Vulnerable Device Can Spell Disaster

Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

Dec 19, 2023 by iHash Leave a Comment

Dec 19, 2023The Hacker NewsSoftware Security / Threat intelligence Threat actors are increasingly making use of GitHub for malicious purposes through novel methods, including abusing secret Gists and issuing malicious commands via git commit messages. "Malware authors occasionally place their samples in services like Dropbox, Google Drive, OneDrive, and Discord to host second … [Read more...] about Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

Swiss Army Knife of Information Stealers Emerges

Dec 18, 2023 by iHash Leave a Comment

The developers of the information stealer malware known as Rhadamanthys are actively iterating on its features, broadening its information-gathering capabilities and also incorporating a plugin system to make it more customizable. This approach not only transforms it into a threat capable of delivering "specific distributor needs," but also makes it more potent, Check Point … [Read more...] about Swiss Army Knife of Information Stealers Emerges

MongoDB Suffers Security Breach, Exposing Customer Data

Dec 17, 2023 by iHash Leave a Comment

Dec 17, 2023NewsroomCyber Attack / Data Security MongoDB on Saturday disclosed it's actively investigating a security incident that has led to unauthorized access to "certain" corporate systems, resulting in the exposure of customer account metadata and contact information. The American database software company said it first detected anomalous activity on December 13, 2023, … [Read more...] about MongoDB Suffers Security Breach, Exposing Customer Data

China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents

Dec 16, 2023 by iHash Leave a Comment

Dec 16, 2023NewsroomCyber Security / Incident Response China's Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed to "improve the comprehensive response capacity for data security incidents, to ensure timely and effective … [Read more...] about China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents

Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

Dec 15, 2023 by iHash Leave a Comment

Dec 15, 2023NewsroomCryptocurrency / Malware Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual assets. The compromise was the result of a former employee falling victim to a phishing attack, the company said in a … [Read more...] about Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

Dec 14, 2023 by iHash Leave a Comment

Dec 14, 2023NewsroomMalware / Cyber Espionage The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by Slovak cybersecurity company ESET. The attacks also involved … [Read more...] about Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

Dec 13, 2023 by iHash Leave a Comment

Dec 13, 2023NewsroomMobile Communication / Firmware security Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of … [Read more...] about Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

Non-Human Access is the Path of Least Resistance: A 2023 Recap

Dec 12, 2023 by iHash Leave a Comment

Dec 12, 2023The Hacker NewsCybersecurity / GenAI Security 2023 has seen its fair share of cyber attacks, however there's one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new perimeter, and 2023 is only the beginning. Why … [Read more...] about Non-Human Access is the Path of Least Resistance: A 2023 Recap

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54