🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade detection. #cybersecurity #Security #infosec #infosecurity #pirated #Windows11 #windows #windows10 #Microsoft #malware #Hacking

The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers' servers. #cybersecurity #Security #infosec #infosecurity #China #Chinese #hacker #hackers #Linux #malware #hack

The U.S. Department of Justice (DoJ) unveiled charges against a Russian national for his alleged involvement in deploying LockBit ransomware to targets in the U.S., Asia, Europe, and Africa. #cybersecurity #Security #infosec #infosecurity #Russian #hacker #ransomware #arrested

Two "dangerous" security vulnerabilities have been disclosed in Microsoft Azure Bastion and Azure Container Registry that could have been exploited to carry out cross-site scripting (XSS) attacks. #cybersecurity #Security #infosec #infosecurity #Microsoft #Azure #vulnerability

A global cyberattack targeting numerous US federal government institutions has been launched as a result of the recent revelation of vulnerabilities in the MOVEit Transfer & MOVEit Cloud platforms. #cybersecurity #Security #infosec #infosecurity #USA #government #Hacked #moveit

The U.S. State Department's Rewards for Justice program announced up to a $10 million bounty for information linking the Clop ransomware attacks to a foreign government. #cybersecurity #Security #infosecurity #infosec #USA #bounty #ransomware #CyberAttack #moveit #Rewards #clop

A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June 2022, tricking people into entering their account credentials and financial info on fake websites. #cybersecurity #phishing #Security

The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. On February 9th, Reddit disclosed that its systems were hacked on February 5th. #cybersecurity #Security #reddit #Hacked

Microsoft has confirmed that recent outages to Azure, Outlook, and OneDrive web portals resulted from Layer 7 DDoS attacks against the company's services. The attacks are being attributed to an attacker tracked by Microsoft as Anonymous Sudan. #cybersecurity #Microsoft #ddos

An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. #CyberSecurity #Security #infosec #infosecurity #Android #malware #warning #hack

Over 101,100 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials. #cybersecurity #Security #infosecurity #ChatGPT #DarkWeb #OpenAI #malware

Researchers uncovered a new phishing email campaign that employs ChatGPT and Google Bard to launch sophisticated email attacks. Threat actors had started relying on Artificial Intelligence since November 2022. #cybersecurity #security #infosec #ChatGPT #googlebard #phishing

A malware campaign is using fake OnlyFans content and adult lures to install a remote access trojan known as 'DcRAT,' allowing threat actors to steal data and credentials or deploy ransomware on the infected device. #cybersecurity #Security #infosec #onlyfans #malware #Hacking

In what's a new kind of software supply chain attack aimed at open source projects, it has emerged that threat actors could seize control of expired Amazon S3 buckets to serve rogue binaries without altering the modules themselves. #CyberSecurity #Security #infosec #amazons3

The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi. #cybersecurity #Security #infosec #infosecurity #malware #hack

Cybersecurity researchers have uncovered a set of malicious artifacts that they say is part of a sophisticated toolkit targeting Apple macOS systems. As of now, these samples are still largely undetected and very little information is available. #cybersecurity #Security #Apple

Proof-of-concept exploit code is now available for a high-severity flaw in Cisco Secure Client Software for Windows (formerly AnyConnect Secure Mobility Client) that can let attackers elevate privileges to SYSTEM. #cybersecurity #Security #infosec #Cisco #exploit #Hacking #hack

A security shortcoming in Microsoft Azure Active Directory (AD) OAuth process could have been exploited to achieve full account takeover, researchers said. Descope, which discovered & reported the issue in April 2023, dubbed it nOAuth. #cybersecurity #Security #microsoft #Azure

An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware including the Tsunami DDoS bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner. #CyberSecurity #Security #infosec #infosecurity #Linux #ssh #ddos

Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. #CyberSecurity #Security #infosec #infosecurity #MicrosoftTeams #Microsoft #vulnerability #malware