Collaborate Disseminate
A new Android trojan named Brokewell can steal user’s sensitive information and allows attackers to take over devices.
The post Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices appeared first on SecurityWeek.
Continue reading Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
The post Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day appeared first on SecurityWeek.
Continue reading Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day
More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives.
The post Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses appeared first on SecurityWeek.
Continue reading Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses
A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners.
The post North Korean Hackers Hijack Antivirus Updates for Malware Delivery appeared first on SecurityWeek.
Continue reading North Korean Hackers Hijack Antivirus Updates for Malware Delivery
A threat actor tracked as CoralRaider has been using multiple infostealers to harvest credentials from users worldwide.
The post Threat Actor Uses Multiple Infostealers in Global Campaign appeared first on SecurityWeek.
Continue reading Threat Actor Uses Multiple Infostealers in Global Campaign
Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations.
The post Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations appeared first on SecurityWeek.
Continue reading Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The post Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability appeared first on SecurityWee… Continue reading Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
VulnCheck banks $8 million in early stage capital to build ‘exploit intelligence’ technologies and services.
The post Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing appeared first on SecurityWeek.
Continue reading Threat-Intelligence Startup VulnCheck Closes $8M Seed Financing
Noteworthy stories that might have slipped under the radar: OpenSSF and OpenJS incidents similar to XZ backdoor, Moldovan botnet operator charged, US automotive company targeted by FIN7.
The post In Other News: OSS Backdooring Attempts, Botnet Operator… Continue reading In Other News: OSS Backdooring Attempts, Botnet Operator Charged, Automotive Firm Attack
Microsoft warns that several OpenMetadata vulnerabilities are being exploited to deploy cryptomining malware to Kubernetes environments.
The post OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining appeared first on S… Continue reading OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes Clusters for Cryptomining