Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike. No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and take over your system without a trace. This is steganography, […]
Category Archives: Uncategorized
Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder. The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates, and Vietnam. Other targets of interest include nuclear power plants and […]
Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees. The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0. “Multiple Moxa PT switches are vulnerable to an […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-57968 – An unrestricted file upload vulnerability in Advantive […]
The likely India-based threat group is also targeting logistics companies in a continued expansion of its activities. Go to Source Author: Jai Vijayan, Contributing Writer
The program underwent a series of changes in the past year, including richer maximum rewards in a variety of bug categories. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
The South American-based advanced persistent threat group is using an exploit with a “high infection rate,” according to research from Check Point. Go to Source Author: Alexander Culafi, Senior News Writer, Dark Reading
Clandestine kill switch was designed to lock out other users if the developer’s account in the company’s Windows Active Directory was ever disabled. Go to Source Author: Kristina Beek, Associate Editor, Dark Reading
Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. “The polymorphic extensions create a pixel perfect replica of the target’s icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely convincing for victims to believe that they are providing credentials to […]
In the battle against two-minute micro-attacks that can knock out critical communication services, the difference between success and failure can literally come down to seconds. Go to Source Author: Jérôme Meyer