Kimsuky hackers deploy new Linux backdoor via trojanized installers
The North Korean hacker group Kimsuky has been using trojanized software packages to deliver a new Linux malware called Gomir in cyberespionage campaigns against targets in South Korea. Kimsuky is a state-sponsored threat actor linked to North Korea’s military...
Google patches third exploited Chrome zero-day in a week
Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. "Google is aware that an exploit for CVE-2024-4947 exists in the wild," the search giant said in a security advisory...
FBI takes down BreachForums website and Telegram channel • The Register
The FBI, in combination with police around the world, have taken control of the website and Telegram channel of ransomware brokerage site BreachForums. The action occurred on Wednesday, just days after the site hosted information apparently stolen from...
Improving cyber defense with open source SIEM and XDR • The Register
Partner Content: A cyber defense strategy outlines policies, procedures, and technologies to prevent, detect, and respond to cyber attacks. This helps avoid financial loss, reputational damage, and legal repercussions. Developing a cyber defense strategy...
Microsoft fixes exploited bugs, one used in QakBot attacks • The Register
Happy May Patch Tuesday. We've got a lot of vendors joining this month's patchapalooza, which includes a handful of bugs that have been exploited — either in the wild or at Pwn2Own — and now fixed by Microsoft, Apple, Google and VMware. Starting with Microsoft:...
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port. The D-Link DIR-X4860 router is a high-performance Wi-Fi 6 router capable...
Microsoft fixes VPN failures caused by April Windows updates
Today, Microsoft fixed a known issue breaking VPN connections across client and server platforms after installing the April 2024 Windows security updates. "Windows devices might face VPN connection failures after installing the April 2024 security update or...
NCSC and insurers target ransom payments with guidebook • The Register
The latest effort to reduce the number of ransom payments sent to cybercriminals in the UK involves the country's National Cyber Security Centre (NCSC) locking arms with insurance associations. Announced today by NCSC CEO Felicity Oswald at the annual CYBERUK...
400k Linux servers compromised for cryptotheft and financial gain
ESET Research. One of the most advanced server-side malware campaigns is still growing, with hundreds of thousands of compromised servers, and it has diversified to include credit card and cryptocurrency theft. Marc-Etienne M.Léveillé, 14 May 2024 • 3 min....
ESET APT Activity Report Q4 2023–Q1 2024
ESET Research, Threat Reports. An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2023 and Q1 2024. 14 May 2024 • 2 min. read. ESET APT Activity Report Q4 2023–Q1 2024 summarizes notable activities of selected...