CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

16/10/2024 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

16/10/2024 0 Comments 0 tags

GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487,

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

15/10/2024 0 Comments 0 tags

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN. “This new addition enables the

Researchers Uncover Hijack Loader Malware Using Stolen Code-Signing Certificates

15/10/2024 0 Comments 0 tags

Cybersecurity researchers have disclosed a new malware campaign that delivers Hijack Loader artifacts that are signed with legitimate code-signing certificates. French cybersecurity company HarfangLab, which detected the activity at the

China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns

15/10/2024 0 Comments 0 tags

China’s National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as Volt Typhoon is a fabrication of the U.S. and its allies. The

The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short

15/10/2024 0 Comments 0 tags

In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software

New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists

15/10/2024 0 Comments 0 tags

North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is

New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT

15/10/2024 0 Comments 0 tags

Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by

WordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million Sites

15/10/2024 0 Comments 0 tags

The maintainers of the Jetpack WordPress plugin have released a security update to remediate a critical vulnerability that could allow logged-in users to access forms submitted by others on a

THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 – Oct 13)

14/10/2024 0 Comments 0 tags

Hey there, it’s your weekly dose of “what the heck is going on in cybersecurity land” – and trust me, you NEED to be in the loop this time. We’ve