Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes

15/01/2025 0 Comments 0 tags

Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google.

The High-Stakes Disconnect For ICS/OT Security

15/01/2025 0 Comments 0 tags

Why does ICS/OT need specific controls and its own cybersecurity budget today? Because treating ICS/OT security with an IT security playbook isn’t just ineffective—it’s high risk. In the rapidly evolving

Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool

15/01/2025 0 Comments 0 tags

As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains

15/01/2025 0 Comments 0 tags

Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam. The new evidence suggests that Pyongyang-based threamoret

Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks

15/01/2025 0 Comments 0 tags

Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution. Horizon3.ai researcher Naveen Sunkavally, in a

3 Actively Exploited Zero-Day Flaws Patched in Microsoft’s Latest Security Update

15/01/2025 0 Comments 0 tags

Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in

FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation

15/01/2025 0 Comments 0 tags

The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as

Google OAuth Vulnerability Exposes Millions via Failed Startup Domains

14/01/2025 0 Comments 0 tags

New research has pulled back the curtain on a “deficiency” in Google’s “Sign in with Google” authentication flow that exploits a quirk in domain ownership to gain access to sensitive

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

14/01/2025 0 Comments 0 tags

Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System

Russian-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware

14/01/2025 0 Comments 0 tags

Russia-linked threat actors have been attributed to an ongoing cyber espionage campaign targeting Kazakhstan as part of the Kremlin’s efforts to gather economic and political intelligence in Central Asia. The