Monthly Archives: October 2024

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that...

31
Oct
LottieFiles Issues Warning About Compromised “lottie-player” npm Package

LottieFiles has revealed that its npm package “lottie-player” was compromised as part of a supply...

31
Oct
Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations....

31
Oct
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that...

31
Oct
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack

Threat actors in North Korea have been implicated in a recent incident that deployed a...

30
Oct
Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information

A now-patched security flaw in the Opera web browser could have enabled a malicious extension...

30
Oct
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta’s advertising platform and hijacked...

30
Oct
Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading...

30
Oct
Embarking on a Compliance Journey? Here’s How Intruder Can Help

Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be...

30
Oct
NIST Wins Multiple CyberScoop 50 Awards
October 29, 2024

NIST’s Cherilyn Pascoe and Ron Ross, as well as the Post Quantum Cryptography Standards project...

Cyber Resilience Audit (CRA) scheme launches for assured CAF-based audits
October 29, 2024

NCSC-assured CRA service now offering Cyber Assessment Framework based audits and more applications invited from...

Researchers Uncover Vulnerabilities in Open-Source AI and ML Models

A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence...

29
Oct
A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he...

29
Oct
Dutch Police Disrupt Major Info Stealers RedLine and MetaStealer in Operation Magnus

The Dutch National Police, along with international partners, have announced the disruption of the infrastructure...

29
Oct
U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing

The U.S. government (USG) has issued new guidance governing the use of the Traffic Light...

29
Oct
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors

More than six years after the Spectre security flaw impacting modern CPU processors came to...

29
Oct
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services

A government entity and a religious organization in Taiwan were the target of a China-linked...

28
Oct
Russian Espionage Group Targets Ukrainian Military with Malware via Telegram

A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of...

28
Oct
BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers

Three malicious packages published to the npm registry in September 2024 have been found to...

28
Oct
THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 – Oct 27)

Cybersecurity news can sometimes feel like a never-ending horror movie, can’t it? Just when you...

28
Oct
Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials

Cybersecurity researchers have warned of a spike in phishing pages created using a website builder...

28
Oct
Sailing the Seven Seas Securely from Port to Port – OT Access Security for Ships and Cranes

Operational Technology (OT) security has affected marine vessel and port operators, since both ships and...

28
Oct
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel

A new attack technique could be used to bypass Microsoft’s Driver Signature Enforcement (DSE) on...

28
Oct
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining

The infamous cryptojacking group known as TeamTNT appears to be readying for a new large-scale...

26
Oct
Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions

Four members of the now-defunct REvil ransomware operation have been sentenced to several years in...

26
Oct
CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities

The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign...

26
Oct
Researchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test Suite

A security flaw impacting the Wi-Fi Test Suite could enable unauthenticated local attackers to execute...

25
Oct
Apple Opens PCC Source Code for Researchers to Identify Bugs in Cloud AI Security

Apple has publicly made available its Private Cloud Compute (PCC) Virtual Research Environment (VRE), allowing...

25
Oct
NIST Announces 14 Candidates to Advance to the Second Round of the Additional Digital Signatures for the Post-Quantum Cryptography Standardization Process
October 25, 2024

After over a year of evaluation, NIST has selected 14 candidates for the second round...

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in...

25
Oct