Skip to content
information security Page 140

information security

Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree

Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree

?Jan 26, 2024?NewsroomCyber Crime / Malware 40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department… 

Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems

Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems

?Jan 26, 2024?NewsroomNetwork Security / Vulnerability Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code… 

SystemBC Malware’s C2 Server Analysis Exposes Payload Delivery Tricks

SystemBC Malware’s C2 Server Analysis Exposes Payload Delivery Tricks

?Jan 25, 2024?NewsroomRemote Access Trojan Cybersecurity researchers have shed light on the command-and-control (C2) server of a known malware family called SystemBC. “SystemBC can be purchased on underground marketplaces and is supplied in an archive… 

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks

?Jan 25, 2024?NewsroomVulnerability / Software Security The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result… 

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

?Jan 25, 2024?NewsroomFileless Malware / Endpoint Security Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that’s distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which… 

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is… 

New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

New CherryLoader Malware Mimics CherryTree to Deploy PrivEsc Exploits

?Jan 25, 2024?NewsroomThreat Intelligence / Malware Research A new Go-based malware loader called CherryLoader has been discovered by threat hunters in the wild to deliver additional payloads onto compromised hosts for follow-on exploitation. Arctic Wolf… 

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

?Jan 25, 2024?NewsroomCyber Attack / Data Breach Hackers with links to the Kremlin are suspected to have infiltrated information technology company Hewlett Packard Enterprise’s (HPE) cloud email environment to exfiltrate mailbox data. “The threat actor… 

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters

?Jan 24, 2024?NewsroomCloud Security / Kubernetes Cybersecurity researchers have discovered a loophole impacting Google Kubernetes Engine (GKE) that could be potentially exploited by threat actors with a Google account to take control of a Kubernetes…