The ScarCruft group from North Korea has once again exploited a vulnerability in Windows to distribute the RokRAT malware. The exploitation targets CVE-2024-38178, a memory corruption vulnerability in the Scripting Engine, rated with a...
The major Japanese company Casio is still recovering from a ransomware attack that occurred nearly two weeks ago. Ayuko Hara, a company representative, told the tech publication TechCrunch that the prospects for full recovery...
Trend Micro specialists have discovered that in a series of attacks, cybercriminals utilized the EDRSilencer tool to disable EDR system alerts. Attackers integrate this tool into their operations to conceal traces of their activities...
A new scam involving fake QR codes placed on parking signs has been uncovered in Ireland. Users on the social network Mastodon discussed how fraudsters are using counterfeit stickers with altered codes that redirect...
In Hong Kong, 27 individuals were arrested on suspicion of orchestrating fraudulent schemes involving deepfakes. By manipulating faces, the fraudsters extracted funds from victims, resulting in total losses amounting to $46 million. The syndicate...
Researchers at Checkmarx have identified a new technique for supply chain attacks in open-source ecosystems, enabling malicious actors to exploit command-line interface (CLI) manipulations for the covert injection of malicious code. Such attacks are...
The Chinese Cybersecurity Association (CSAC) has leveled serious accusations against Intel Corporation. In an extensive statement published on WeChat, the organization detailed numerous vulnerabilities in the American manufacturer’s processors and harshly criticized its approach...
The Internet Archive’s digital library is gradually resuming operations after a week-long outage caused by a severe cyberattack. The organization suffered a data breach and a distributed denial-of-service (DDoS) attack. Founded in 1996 by...
Security analysts at Mullvad have identified instances where the macOS firewall malfunctions, disregarding established rules. This issue is particularly concerning for VPN users, whose traffic may leak following system updates. Mullvad specialists point out...
Cybersecurity researchers have recently uncovered a series of vulnerabilities in Trusted Execution Environments (TEE) of AMD and Intel processors. One such attack, dubbed CounterSEVeillance, targets AMD’s Secure Encrypted Virtualization (SEV) technology, including the SEV-SNP...
WhatsApp Messenger has encountered significant privacy issues. The application, renowned for its end-to-end encryption (E2EE), has proven vulnerable due to the functionality of its Multi-Device mode. According to a new study by Zengo, attackers...
Splunk, a leader in data analytics and monitoring, has disclosed 12 new vulnerabilities in its Splunk Enterprise product for Windows, enabling remote code execution (RCE) by malicious actors. On October 14, 2024, the company...
