Skip to content
information security Page 149

information security

U.S. State Government Network Breached via Former Employee’s Account

U.S. State Government Network Breached via Former Employee’s Account

?Feb 16, 2024?NewsroomCybersecurity / Data Breach The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed state government organization’s network environment was compromised via an administrator account belonging to a former employee.… 

Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor

Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor

?Feb 15, 2024?NewsroomMalware / Cyber Espionage The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023.… 

Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries

Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries

A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsiusm, which acquired firmware version 9.1.18.2-24467.1 as part of… 

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks

A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that’s capable of harvesting identity documents, facial recognition data, and… 

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation

?Feb 15, 2024?NewsroomThreat Intelligence / Vulnerability Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the… 

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks

?Feb 14, 2024?NewsroomArtificial Intelligence / Cyber Attack Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large language models (LLMs) to complement their ongoing cyber attack operations.… 

Ubuntu ‘command-not-found’ Tool Could Trick Users into Installing Rogue Packages

Ubuntu ‘command-not-found’ Tool Could Trick Users into Installing Rogue Packages

?Feb 14, 2024?NewsroomSoftware Security / Vulnerability Cybersecurity researchers have found that it’s possible for threat actors to exploit a well-known utility called command-not-found to recommend their own rogue packages and compromise systems running Ubuntu operating…