2024-09-08
Headlines

Category: Network Security

Unveiling the "Etherhiding" Technique: Uncovering Malicious Code in WordPress Siteswordpresssecurity,malwaredetection,codeanalysis,websiteprotection,maliciouscode,hackingprevention

Unveiling the “Etherhiding” Technique: Uncovering Malicious Code in WordPress Sites

Morgan Sarah010 mins

Rise of EtherHiding: Abusing Blockchain Technology for Malicious Activities Campaign Overview and Technique Researchers from Guardio have uncovered a new cyberattack campaign dubbed “ClearFake” that utilizes blockchain technology to host and spread malicious code. In this campaign, threat actors exploit compromised WordPress sites to distribute fake browser updates that contain various forms of malware, including…

Read More
Israeli Rocket Alert Apps Seen as Spyware Threat to National Securitywordpress,rocketalert,apps,spyware,nationalsecurity,Israeli

Israeli Rocket Alert Apps Seen as Spyware Threat to National Security

Reynolds Alex011 mins

Malware & Threats: Spyware Caught Masquerading as Israeli Rocket Alert Applications In light of the recent Israel-Gaza conflict, threat actors have targeted Israeli rocket alerting applications to spread fear and distribute mobile spyware, according to a report by Cloudflare. With ongoing rocket launches by Hamas into Israel, individuals in Israel rely on several mobile applications…

Read More
ShellBot: A New Breed of Linux SSH Server Cracker Emergeslinux,SSH,server,cracker,security

ShellBot: A New Breed of Linux SSH Server Cracker Emerges

Morgan Sarah07 mins

Cyberattackers Targeting Linux SSH Servers with ShellBot Malware According to researchers at the AhnLab Security Emergency Response Center (ASEC), cyberattackers are using a new method to hide their malicious activity while targeting Linux SSH servers with the ShellBot malware. By using hexadecimal IP (Hex IP) addresses, threat actors are evading behavior-based detection systems, making it…

Read More
Rising Tensions in the Middle East: Iranian APT34 Spy Campaign Targets Saudi Arabiawordpress,middleeast,tensions,Iranian,APT34,spycampaign,SaudiArabia

Rising Tensions in the Middle East: Iranian APT34 Spy Campaign Targets Saudi Arabia

Emma Thompson08 mins

Phishing Campaign by APT34 Targets Middle East Users A recent phishing campaign conducted by APT34, also known as OilRig, Helix Kitten, or Cobalt Gypsy, is targeting users in the Middle East. APT34, an advanced persistent threat group linked to Iran, has been known for its cyber espionage activities and has previously targeted government agencies, critical…

Read More
Cybersecurity Alert: Active Exploit of Firewall Bug Sparks Urgent CISA Warningwordpress,cybersecurity,alert,activeexploit,firewallbug,urgent,CISA,warning

Cybersecurity Alert: Active Exploit of Firewall Bug Sparks Urgent CISA Warning

Nguyen Michael09 mins

Firewall Bug Under Active Attack Triggers CISA Warning CISA (Cybersecurity and Infrastructure Security Agency) has issued a warning about an ongoing attack targeting Palo Alto Networks’ PAN-OS firewall software. The agency is urging public and federal IT security teams to apply the available fixes as soon as possible to mitigate the risk. Palo Alto Networks…

Read More
NATO Launches Probe into Breach and Leak of Internal Documents: Implications for Security and Transparencysecurity,transparency,NATO,breach,leak,internaldocuments,probe

NATO Launches Probe into Breach and Leak of Internal Documents: Implications for Security and Transparency

Nguyen Michael011 mins

Cybercrime: NATO Investigating Breach and Leak of Internal Documents Background The North Atlantic Treaty Organization (NATO) is currently investigating claims made by a politically motivated hacking group called SiegedSec, stating that they have successfully breached NATO‘s computer systems and leaked a cache of documents online. This would mark the second breach by SiegedSec in the…

Read More
Unraveling the Intricate Web: The 0ktapus Threat Group Strikes 130 Firmswordpress,cybersecurity,threatgroup,0ktapus,hacking,databreach,networksecurity,websecurity,cyberattack,cybercrime

Unraveling the Intricate Web: The 0ktapus Threat Group Strikes 130 Firms

Nguyen Michael09 mins

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms Introduction In a recent report, cybersecurity researchers from Group-IB have uncovered a large-scale phishing campaign orchestrated by the threat group known as “0ktapus.” This campaign targeted more than 130 organizations, compromising a total of 9,931 accounts. The attacks primarily aimed to obtain identity credentials and multi-factor authentication…

Read More
Endpoint Malware Volumes Decline as Campaigns Push Boundaries: WatchGuard Threat Lab Reportwordpress,endpointmalware,volumesdecline,campaigns,boundaries,WatchGuardThreatLabReport

Endpoint Malware Volumes Decline as Campaigns Push Boundaries: WatchGuard Threat Lab Report

Reynolds Alex010 mins

WatchGuard Technologies Releases Internet Security Report Highlighting Key Threat Trends Overview WatchGuard Technologies, a global leader in unified cybersecurity, has recently published its latest Internet Security Report, which provides insights into the top malware trends and network and endpoint security threats. The report, based on research conducted by WatchGuard Threat Lab researchers, reveals several important…

Read More
Unveiling the Hidden Threat: How WordPress Caching Plug-in Puts Websites at Riskwordpresscaching,websitesecurity,hiddenthreat,plug-invulnerability

Unveiling the Hidden Threat: How WordPress Caching Plug-in Puts Websites at Risk

Emma Thompson06 mins

Sophisticated malware has been discovered hiding behind an authentic-looking WordPress caching plug-in, putting infected websites at risk of being completely hijacked by threat actors. Researchers from Wordfence, a cybersecurity company, found that this malicious plug-in can perform a range of harmful actions while appearing as a legitimate add-on for the WordPress platform. The plug-in has…

Read More