CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments

Apr 29, 2023Ravie LakshmananHealthcare / Cybersecurity The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released an Industrial Control Systems (ICS) medical advisory warning of a critical flaw impacting Illumina medical devices. The issues impact the Universal Copy Service (UCS) software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000, and NovaSeq 6000 DNA sequencing instruments.…
Read more

Attention Online Shoppers: Don’t Be Fooled by Their Sleek, Modern Looks — It’s Magecart!

Apr 28, 2023Ravie LakshmananOnline Security / Website Hacking An ongoing Magecart campaign has attracted the attention of cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive data entered by unsuspecting users. “The threat actor used original logos from the compromised store and customized a web element known as a modal to perfectly hijack the checkout page,” Jérôme Segura, director of threat intelligence at Malwarebytes, said.…
Read more

ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection

Apr 28, 2023Ravie LakshmananData Security / Malware A significant number of victims in the consumer and enterprise sectors located across Australia, Japan, the U.S., and India have been affected by an evasive information-stealing malware called ViperSoftX. ViperSoftX was first documented in 2020, with cybersecurity company Avast detailing a campaign in November 2022 that leveraged the malware to distribute a malicious Google Chrome extension capable of siphoning cryptocurrencies from wallet applications.…
Read more

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

Apr 28, 2023Ravie LakshmananNetwork Security / Vulnerability Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. The issue, tracked as CVE-2023-28771, is rated 9.8 on the CVSS scoring system.…
Read more

Why Your Detection-First Security Approach Isn’t Working

Stopping new and evasive threats is one of the greatest challenges in cybersecurity. This is among the biggest reasons why attacks increased dramatically in the past year yet again, despite the estimated $172 billion spent on global cybersecurity in 2022. Armed with cloud-based tools and backed by sophisticated affiliate networks, threat actors can develop new and evasive malware more quickly than organizations can update their protections.…
Read more

New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

Apr 28, 2023Ravie LakshmananEndpoint Security / Cryptocurrency Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer (or AMOS) on Telegram for $1,000 per month, joining the likes of MacStealer. “The Atomic macOS Stealer can steal various types of information from the victim’s machine, including Keychain passwords, complete system information, files from the desktop and documents folder, and even the macOS password,” Cyble researchers said in a technical report.…
Read more

Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

Apr 28, 2023Ravie LakshmananMalware / Cyber Threat South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team. “Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execute their malicious attacks,” the AhnLab Security Emergency Response Center (ASEC) said in a report published this week.…
Read more

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Apr 27, 2023Ravie LakshmananBotnet / Cyber Crime Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and “decelerate” its growth. The tech giant’s Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to “not only hold criminal operators of malware accountable, but also those who profit from its distribution.” CryptBot is estimated to have infected over 670,000 computers in 2022 with the goal of stealing sensitive data such as authentication credentials, social media account logins, and cryptocurrency wallets from users of Google Chrome.…
Read more

Unique Visitors
» 1,141 Today
» 42,130 Yesterday
» 104,959 This Week
» 557,101 This Month
» 3,250,388 This Year
» 19,485,483 Total (since 2019-12-11)
» Record: 205,757 (2023-08-13)
Counter by DarkWeb.Solutions