Technology giant Cisco on Wednesday warned that professional, nation state-backed hacking teams are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. According to an advisory from Cisco Talos, the attackers are taking aim at software defects in certain devices running Cisco Adaptive Security Appliance (ASA) or Cisco Firepower Threat Defense (FTD) productS. READ MORE...
An elite team of Iranian state-sponsored hackers successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, according to the Feds, as part of a multiyear cyber espionage campaign aimed at stealing military secrets. The US Departments of Treasury and State are among those compromised in the elaborate campaign, which lasted from 2016 to 2021 according to a US Justice Department indictment unsealed this week. READ MORE...
North Korea's premiere advanced persistent threats (APTs) have been quietly spying on South Korean defense contractors for at least a year and a half, infiltrating some 10 organizations. South Korean police this week released the findings of an investigation that uncovered concurrent espionage campaigns carried out by Andariel (aka Onyx Sleet, Silent Chollima, Plutonium), Kimsuky (aka APT 43, Thallium, Velvet Chollima, Black Banshee), and the broader Lazarus Group. READ MORE...
Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches. The malware is delivered through a fake Google Chrome update that is shown while using the web browser. Brokewell is under active development and features a mix of extensive device takeover and remote control capabilities. READ MORE...
The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming to an end. The advent of AI threatens to destroy the complex online ecosystem that allows writers, artists, and other creators to reach human audiences. READ MORE...
Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access. Currently installed on more than 30,000 websites, WP Automatic lets administrators automate content importing (e.g. text, images, video) from various online sources and publishing on their WordPress site. READ MORE...
Palo Alto Networks has shared remediation instructions for organizations whose firewalls have been hacked through the exploitation of the vulnerability tracked as CVE-2024-3400. On Wednesday, the cybersecurity giant updated its advisory for CVE-2024-3400 to include a link to a knowledge base article providing remediations depending on the exploitation attempt's level of success. READ MORE...