fbpx

March 2024

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users’ systems and carry out malicious actions. “This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user’s […]

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions Read More »

US and UK accuse China of cyber operations targeting domestic politics

US and UK accuse China of cyber operations targeting domestic politics

US and UK accuse China of cyber operations targeting domestic politics The U.S. government on Monday accused seven Chinese nationals and a company based in Wuhan of orchestrating a wide-ranging hacking operation targeting political targets in the United States, in what is Washington’s latest attempt to curb what officials describe as increasingly aggressive cyber operations

US and UK accuse China of cyber operations targeting domestic politics Read More »

20 essential open-source cybersecurity tools that save you time - Help Net Security

20 essential open-source cybersecurity tools that save you time – Help Net Security

20 essential open-source cybersecurity tools that save you time Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of them being saving time. Here are

20 essential open-source cybersecurity tools that save you time – Help Net Security Read More »

Chinese ‘state-affiliated’ organisations behind cyber-attacks on MPs and Electoral Commission, Dowden says – UK politics live

Chinese ‘state-affiliated’ organisations behind cyber-attacks on MPs and Electoral Commission, Dowden says – UK politics live

Please note: This is not a public comment – only the Guardian can see your message. Our writers will monitor these messages and respond to some in this live blog, but unfortunately they will not be able to respond to every message. Mon 25 Mar 2024 17.24 CETFirst published on Mon 25 Mar 2024 10.31

Chinese ‘state-affiliated’ organisations behind cyber-attacks on MPs and Electoral Commission, Dowden says – UK politics live Read More »

China cyber-attacks: this growing threat to UK security will not go away

China cyber-attacks: this growing threat to UK security will not go away

In March last year an integrated review of the UK’s defence and foreign policy said it would protect the country’s “democratic freedoms” from Chinese state attacks. A few months later the Electoral Commission confirmed why democratic institutions and processes were on the threat list as it revealed that a cyber-attack – by a then unidentified

China cyber-attacks: this growing threat to UK security will not go away Read More »

Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties

Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties

The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia’s Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which said Midnight Blizzard (aka APT29, BlueBravo, or Cozy

Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties Read More »

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware - Help Net Security

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware – Help Net Security

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity server, has been disclosed and fixed

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware – Help Net Security Read More »

U.S. Sanctions Russians Behind 'Doppelganger' Cyber Influence Campaign

U.S. Sanctions Russians Behind ‘Doppelganger’ Cyber Influence Campaign

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations. Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and current owner

U.S. Sanctions Russians Behind ‘Doppelganger’ Cyber Influence Campaign Read More »

Russian Hackers Target Ukrainian Telecoms with Upgraded 'AcidPour' Malware

Russian Hackers Target Ukrainian Telecoms with Upgraded ‘AcidPour’ Malware

The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russian military intelligence. “AcidPour’s expanded capabilities would enable it to better disable embedded

Russian Hackers Target Ukrainian Telecoms with Upgraded ‘AcidPour’ Malware Read More »

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that’s used to target Laravel applications and steal sensitive data. “It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio,” Juniper Threat Labs researcher Kashinath T Pattan said. “Classified as an SMTP cracker,

AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials Read More »

Scroll to Top