Source: thehackernews.com – Author: . May 17, 2024NewsroomCryptojacking / Malware The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet. The findings come from cloud security firm Aqua, which described the […]

La entrada Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . A new report from XM Cyber has found – among other insights – a dramatic gap between where most organizations focus their security efforts, and where the most serious threats actually reside. The new report, Navigating the Paths of Risk: The State of Exposure Management in 2024, is based on […]

La entrada New XM Cyber Research: 80% of Exposures from Misconfigurations, Less Than 1% from CVEs – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . Cybersecurity researchers have shed more light on a remote access trojan (RAT) known as Deuterbear used by the China-linked BlackTech hacking group as part of a cyber espionage campaign targeting the Asia-Pacific region this year. “Deuterbear, while similar to Waterbear in many ways, shows advancements in capabilities such as including […]

La entrada China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 17, 2024NewsroomLinux / Malware The Kimsuky (aka Springtail) advanced persistent threat (APT) group, which is linked to North Korea’s Reconnaissance General Bureau (RGB), has been observed deploying a Linux version of its GoBear backdoor as part of a campaign targeting South Korean organizations. The backdoor, codenamed Gomir, is “structurally […]

La entrada Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 16, 2024NewsroomRansomware / Incident Response The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. “Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta ransomware,” […]

La entrada Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 16, 2024NewsroomBrowser Security / Vulnerability Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been exploited in the wild. Assigned the CVE identifier CVE-2024-4947, the vulnerability relates to a type confusion bug in the V8 […]

La entrada Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 14, 2024NewsroomLocation Tracking / Privacy Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. “This will help mitigate […]

La entrada Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands as a means to deliver MSIX installers that culminate in the deployment of NetSupport RAT. “The threat actors used malicious websites to impersonate well-known brands, including AnyDesk, WinSCP, BlackRock, Asana, Concur, The […]

La entrada FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 10, 2024NewsroomMalware / Cyber Espionage The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at two South Korean cryptocurrency firms. “Durian boasts comprehensive backdoor functionality, enabling the execution of delivered commands, additional […]

La entrada North Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto Firms – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 10, 2024The Hacker NewsArtificial Intelligence / Threat Hunting Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, “The Future of Threat Hunting is Powered by Generative AI,” where you’ll explore how AI […]

La entrada CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 10, 2024NewsroomBrowser Security / Vulnerability Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component. It was reported […]

La entrada Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls have traditionally served as the frontlines of defense, the battleground has shifted […]

La entrada What’s the Right EDR for You? – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users’ credentials from compromised devices. “This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices,” the SonicWall Capture Labs threat research […]

La entrada Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.

Source: thehackernews.com – Author: . May 10, 2024NewsroomVulnerability / Cloud Security Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking by the Sysdig Threat Research Team. “Once […]

La entrada Researchers Uncover ‘LLMjacking’ Scheme Targeting Cloud-Hosted AI Models – Source:thehackernews.com se publicó primero en CISO2CISO.COM & CYBER SECURITY GROUP.