Cyber security aggregate rss news

Cyber security aggregator - feeds history

 Threat Actors

Social media giant Meta took down hundreds of fake Facebook and Instagram accounts used by South Asia advanced persistent threat groups to glean sensitive information and coax users into installing malware.

 Threat Actors

North Korean hacking group Kimsuky is distributing a new version of its reconnaissance malware called ReconShark. The cyberespionage campaign involves sending emails containing a link to a password-protected doc hosted on Microsoft OneDrive. The malware can steal sensitive data from the infected system, including running processes, connected batteries, and endpoint threat detection mechanisms.

 Breaches and Incidents

Orqa, a maker of FPV drone racing goggles, claimed that a contractor introduced code into the firmware of the devices, designed to brick them as a time bomb. Findings say that the contractor had been in business relations with Orqa for several years and had waited for the code bomb to detonate. Orqa has issued a   show more ...

warning, urging users not to install the unofficial firmware version, as it may be another piece of malicious code.

 Threat Actors

CERT-UA confirmed the discovery of a malicious script dubbed RoarBat that is most probably being used by the Russian threat group Sandworm to wipe off data from Ukrainian state networks. The script uses the WinRaR application for archiving and compressing applications and then deleting specific files. However, Ukrainian defenders attributed the attack to Sandworm with moderate confidence.

 Feed

Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a security flaw. The issue, assigned the identifier CVE-2023-30777, relates to a case of reflected cross-site scripting (XSS) that could be abused to inject arbitrary executable scripts into otherwise benign websites. The plugin, which is available both as a free and pro

 Feed

An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism. "The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an encrypted payload, with various modifications made to these components over time," Sophos researcher

2023-05
Aggregator history
Saturday, May 06
MON
TUE
WED
THU
FRI
SAT
SUN
MayJuneJuly