UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)
Fortinet and Mandiant investigated the mass exploitation of FortiManager devices via CVE-2024-47575, impacting 50+ systems across industries. Threat…
Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game
North Korean hackers from Lazarus Group exploited a zero-day vulnerability in Google Chrome to target cryptocurrency investors with…
Misconfigured UN Database Exposes 228GB of Gender Violence Victims’ Data
A cybersecurity researcher discovered a massive data leak exposing over 115,000 sensitive documents associated with the UN Trust…
TA866 Group Linked to New WarmCookie Malware in Espionage Campaign
Cisco Talos reveals TA866’s (also known as Asylum Ambuscade) sophisticated tactics and its link to the new WarmCookie…
Fake CAPTCHA Pages Used by Lumma Stealer to Spread Fileless Malware
Lumma Stealer malware uses fake CAPTCHA to deceive victims. This information-stealing malware targets sensitive data like passwords and…
Dark Web Anti-Bot Services Let Phishers Bypass Google’s Red Page
Anti-bot services on the dark web allow phishers to bypass Google’s Red Page warnings, evading detection and making…
Internet Archive (Archive.org) Hacked for Second Time in a Month
The Internet Archive (Archive.org) suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk…
Hackers Use Fake ESET Emails to Target Israeli Firms with Wiper Malware
Hackers impersonate ESET in phishing attacks targeting Israeli organizations. Malicious emails, claiming to be from ESET, deliver wiper…
Iranian Hackers Target Microsoft 365, Citrix Systems with MFA Push Bombing
Iranian hackers are targeting critical infrastructure organizations with brute force tactics. This article explores their techniques, including MFA…
Fake North Korean IT Workers Infiltrate Western Firms, Demand Ransom
North Korean hackers are infiltrating Western companies using fraudulent IT workers to steal sensitive data and extort ransom.…