CyberArk

November 23, 2023 A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product security and offensive research firm Blackwing Intelligence, who found the weaknesses in the fingerprint …

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login Read More »

November 23, 2023 North Korean threat actors have been linked to two campaigns in which they masquerade as both job recruiters and seekers to distribute malware and obtain unauthorized employment with organizations based in the U.S. and other parts of the world. The activity clusters have been codenamed Contagious Interview and Wagemole, respectively, by Palo …

North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns Read More »

November 23, 2023 Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security RisksLike the SaaS shadow IT of the past, AI is placing CISOs and cybersecurity teams in a tough but familiar spot.  Employees are covertly using AI with little regard for established IT and cybersecurity review procedures. Considering ChatGPT’s meteoric rise to 100 million users within 60 …

AI Solutions Are the New Shadow IT Read More »

November 23, 2023 The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. “This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation …

ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer Read More »

November 23, 2023 Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Article posted by: …

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In Read More »

November 22, 2023 The ransomware strain known as Play is now being offered to other threat actors “as a service,” new evidence unearthed by Adlumin has revealed. “The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from …

Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals Read More »

November 22, 2023 A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. “ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and …

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks Read More »

November 22, 2023 Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. Quishing …

How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography Read More »

November 22, 2023 The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. “Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host’s resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and …

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits Read More »