Cyber security aggregate rss news

Cyber security aggregator - feeds history

totals: cyware (6) thehackernews (2)

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

cyware May 06, 2023 Malware and Vulnerabilities

According to new data by Cyble Research and Intelligence Labs (CRIL), Kekw malware can steal sensitive information from infected systems and perform clipper activities that can hijack cryptocurrency transactions.

Meta Cracks Down on South Asian Cyberespionage Groups

cyware May 06, 2023 Threat Actors

Social media giant Meta took down hundreds of fake Facebook and Instagram accounts used by South Asia advanced persistent threat groups to glean sensitive information and coax users into installing malware.

ALPHV gang claims ransomware attack on Constellation Software

cyware May 06, 2023 Breaches and Incidents

Canadian diversified software company Constellation Software confirmed on Thursday that some of its systems were breached by threat actors who also stole personal information and business data.

Kimsuky Enhances its BabyShark Recon Tool in a Global Campaign

cyware May 06, 2023 Threat Actors

North Korean hacking group Kimsuky is distributing a new version of its reconnaissance malware called ReconShark. The cyberespionage campaign involves sending emails containing a link to a password-protected doc hosted on Microsoft OneDrive. The malware can steal sensitive data from the infected system, including running processes, connected batteries, and endpoint threat detection mechanisms.

Drone Goggles Maker Orqa Hit with 'Time-bomb' Ransomware Attack

cyware May 06, 2023 Breaches and Incidents

Orqa, a maker of FPV drone racing goggles, claimed that a contractor introduced code into the firmware of the devices, designed to brick them as a time bomb. Findings say that the contractor had been in business relations with Orqa for several years and had waited for the code bomb to detonate. Orqa has issued a show more ...

warning, urging users not to install the unofficial firmware version, as it may be another piece of malicious code.

Russian actor Uses WinRAR and DD Command to Destroy Ukrainian Data

cyware May 06, 2023 Threat Actors

CERT-UA confirmed the discovery of a malicious script dubbed RoarBat that is most probably being used by the Russian threat group Sandworm to wipe off data from Ukrainian state networks. The script uses the WinRaR application for archiving and compressing applications and then deleting specific files. However, Ukrainian defenders attributed the attack to Sandworm with moderate confidence.

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

thehackernews May 06, 2023 Feed

Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (XSS) that could be abused to inject arbitrary executable scripts into otherwise benign websites. The plugin, which is available both as a free and pro

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

thehackernews May 06, 2023 Feed

An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an encrypted payload, with various modifications made to these components over time," Sophos researcher

2023-05

202020212022202320242025

Aggregator history

Saturday, May 06

MON

TUE

WED

THU

FRI

SAT

SUN