Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit.
The post Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack appeared first on SecurityWeek.
Continue reading Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack

Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security

8,800 domains, many once owned by major companies, have been abused to get millions of emails past spam filters as part of SubdoMailing campaign.
The post Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security appeared first on … Continue reading Domains Once Owned by Major Firms Help Millions of Spam Emails Bypass Security

‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery

ConnectWise ScreenConnect vulnerability tracked as CVE-2024-1709 and SlashAndGrab exploited to deliver ransomware and other malware.
The post ‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery appeared first on… Continue reading ‘SlashAndGrab’ ScreenConnect Vulnerability Widely Exploited for Malware Delivery

Eye Care Services Firm Faces Lawsuit Over Data Breach Impacting 2.3 Million

Eye care practice management firm American Vision Partners faces lawsuit over data breach impacting 2.3 million patients.
The post Eye Care Services Firm Faces Lawsuit Over Data Breach Impacting 2.3 Million appeared first on SecurityWeek.
Continue reading Eye Care Services Firm Faces Lawsuit Over Data Breach Impacting 2.3 Million

US Offering $10M for LockBit Leaders as Law Enforcement Taunts Cybercriminals

The US is offering big rewards for information on LockBit cybercriminals as law enforcement claims to have identified some individuals.
The post US Offering $10M for LockBit Leaders as Law Enforcement Taunts Cybercriminals appeared first on SecurityWeek.
Continue reading US Offering $10M for LockBit Leaders as Law Enforcement Taunts Cybercriminals

Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes

A new Biden executive order to boost the cybersecurity of US ports highlights the risks associated with the use of Chinese cranes.
The post Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes appeared first on SecurityW… Continue reading Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes