March 2024

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users’ systems and carry out malicious actions. “This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user’s […]

US and UK accuse China of cyber operations targeting domestic politics The U.S. government on Monday accused seven Chinese nationals and a company based in Wuhan of orchestrating a wide-ranging hacking operation targeting political targets in the United States, in what is Washington’s latest attempt to curb what officials describe as increasingly aggressive cyber operations

20 essential open-source cybersecurity tools that save you time Open-source software’s adaptive nature ensures its durability, relevance, and compatibility with new technologies. When I started digging deeper into the open-source cybersecurity ecosystem, I discovered an engaged community of developers working to find practical solutions to many problems, one of them being saving time. Here are

Please note: This is not a public comment – only the Guardian can see your message. Our writers will monitor these messages and respond to some in this live blog, but unfortunately they will not be able to respond to every message. Mon 25 Mar 2024 17.24 CETFirst published on Mon 25 Mar 2024 10.31

In March last year an integrated review of the UK’s defence and foreign policy said it would protect the country’s “democratic freedoms” from Chinese state attacks. A few months later the Electoral Commission confirmed why democratic institutions and processes were on the threat list as it revealed that a cyber-attack – by a then unidentified

The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia’s Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which said Midnight Blizzard (aka APT29, BlueBravo, or Cozy

Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans (RATs), according to Trend Micro researchers. The CVE-2024-27198 timeline CVE-2024-27198, an authentication bypass vulnerability affecting the TeamCity server, has been disclosed and fixed

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations. Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and current owner

The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russian military intelligence. “AcidPour’s expanded capabilities would enable it to better disable embedded

Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that’s used to target Laravel applications and steal sensitive data. “It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio,” Juniper Threat Labs researcher Kashinath T Pattan said. “Classified as an SMTP cracker,