As many as 25 websites linked to the Kurdish minority have been compromised as part of a watering hole attack designed to harvest sensitive information for over a year and a half. French cybersecurity firm Sekoia, which disclosed details of the campaign dubbed SilentSelfie, described the intrusion set as long-running, with first signs of infection […]
Category Archives: Uncategorized
Researchers have uncovered one of the first examples of threat actors using artificial intelligence chatbots for malware creation, in a phishing attack spreading the open-source remote access trojan. Go to Source Author: Elizabeth Montalbano, Contributing Writer
An advanced threat actor with an India nexus has been observed using multiple cloud service providers to facilitate credential harvesting, malware delivery, and command-and-control (C2). Web infrastructure and security company Cloudflare is tracking the activity under the name SloppyLemming, which is also called Outrider Tiger and Fishing Elephant. “Between late 2022 to present, SloppyLemming Go […]
Nation-state threat actors backed by Beijing broke into a “handful” of U.S. internet service providers (ISPs) as part of a cyber espionage campaign orchestrated to glean sensitive information, The Wall Street Journal reported Wednesday. The activity has been attributed to a threat actor that Microsoft tracks as Salt Typhoon, which is also known as FamousSparrow […]
Who needs advanced malware when you can take advantage of a bunch of OSS tools and free cloud services to compromise your target? Go to Source Author: Nate Nelson, Contributing Writer
The company said the rogue update that caused disruptions on a global scale resulted from a “perfect storm” of issues. Go to Source Author: Jai Vijayan, Contributing Writer
There will be four major categories in the 2025 retread of the hacking competition, with prizes ranging for each challenge, from $20,000 to half a million. Go to Source Author: Dark Reading Staff
The state-sponsored advanced persistent threat (APT) is going after high-value communications service provider networks in the US, potentially with a dual set of goals. Go to Source Author: Tara Seals, Managing Editor, News, Dark Reading
Though the critical vulnerability was patched in August, Ivanti is reminding customers to update as soon as possible as attacks from unauthenticated threat actors start circulating. Go to Source Author: Dark Reading Staff
Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerabilities discovered in Android dropping from 76% to 24% over a period of six years. The tech giant said focusing on Safe Coding for new features not only reduces the […]