Latest CyberSec News by @thecyberpicker

Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data

There is a new botnet that is infecting TP-Link routers: The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high severity security flaw (tracked as CVE-2023-1389) has also been used to spread other malware families as far back as April 2023 when it was used in the Mirai botnet malware attacks. The flaw also linked to the Condi and AndroxGh0st malware attacks. […] Of the thousands of infected devices, the majority of them are concentrated in Brazil, Poland, the United Kingdom, Bulgaria and Turkey; with the botnet targeting manufacturing, medical/healthcare, services and technology organizations in the United States, Australia, China and Mexico...

Sir Jeremy Fleming spoke during Palo Alto Networks’ Ignite event in London on March 13

MassJacker clipper malware hijacks cryptocurrency transactions, targeting piracy users via Pesktop[.]com, with attackers linked to 778K+ wallet addres

OBSCURE#BAT malware exploits fake CAPTCHA pages and malvertising to deploy rootkit r77, evading detection via registry modifications and AMSI patching

One of the four states that make up the Pacific nation of Micronesia is battling against ransomware hackers who have forced all of the computers used by its government health agency offline.

U.S. CISA adds Apple products and Juniper Junos OS vulnerabilities to its Known Exploited Vulnerabilities catalog.

GitLab addressed two critical authentication bypass vulnerabilities in Community Edition (CE) and Enterprise Edition (EE).

Microsoft has reinstated the 'Material Theme - Free' and 'Material Theme Icons - Free' extensions on the Visual Studio Marketplace after finding that the obfuscated code they contained wasn't actually malicious.

While incoming officials grapple with long-standing failures to deter China and other adversaries from launching cyberattacks on the U.S. homeland, the Defense Department faces a startling capability gap

A new ransomware operator named 'Mora_001' is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack.

Microsoft is now testing an AI-powered text summarization feature in Notepad and a Snipping Tool "Draw & Hold" feature that helps draw perfect shapes.

Thorsten picks apart some headlines, highlights Talos’ report on an unknown attacker predominantly targeting Japan, and asks, “Where is the victim, and does it matter?”

Cisco Talos’ Vulnerability Discovery & Research team recently disclosed a Miniaudio and three Adobe vulnerabilities.   The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy.     For Snort coverage that can detect the exploitation of these vulnerabilities, download the latest rule sets from Snort.org, and our latest Vulnerability Advisories are always posted on Talos Intelligence’s w

Des sénateurs ont pris position contre l'avis du gouvernement en faisant voter un amendement anti-backdoor (porte dérobée) pour protéger le chiffrement. La mesure a été prise alors qu'un débat a eu lieu à l'Assemblée nationale. Il a concerné une proposition de loi, dont les contours ont fait craindre à un

​Microsoft is investigating a known issue that causes the new Outlook email client to crash when users click the "Go to classic Outlook" button, which should help them switch back to the classic Outlook.

Volt Typhoon's ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid

Learn about the Microsoft Security Response Center, which investigates vulnerabilities and releases security updates to help protect customers from cyberthreats.

CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics

North Korea-linked APT group ScarCruft used a new Android spyware dubbed KoSpy to target Korean and English-speaking users.

​Juniper Networks has released emergency security updates to patch a Junos OS vulnerability exploited by Chinese hackers to backdoor routers for stealthy access.

The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.

GitLab released security updates for Community Edition (CE) and Enterprise Edition (EE), fixing nine vulnerabilities, among which two critical severity ruby-saml library authentication bypass flaws.

2006 AT&T whistleblower Mark Klein has died.

Starting in December 2024, leading up to some of the busiest travel days, Microsoft Threat Intelligence identified a phishing campaign that impersonates online travel agency Booking.com and targets organizations in the hospitality industry. The campaign uses a social engineering technique called ClickFix to deliver multiple credential-stealing malware in order to conduct financial fraud and theft. […]

Microsoft warns of a phishing campaign using ClickFix to spread malware via fake Booking.com emails. Attackers exploit fake CAPTCHA pages to steal cre

Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware

To parents worried about their children's presence on Roblox, the CEO said don't let your kids be on Roblox.

En juillet 2024, Dassault Systèmes annonçait un partenariat avec la pépite Mistral AI, donnant naissance à une nouvelle offre "LMaaS"...-Souveraineté