
Cyber threats

Record DDoS attacks: fixes quickly released
HTTP2 vulnerability exploited by large-scale DDoS attacks: here are the solutions
Web server vendors address Rapid Reset vulnerability in HTTP2 protocol that caused DDoS attacks. Fixes have been released for many affected products. Large DDoS attacks have been mitigated thanks to a zero-day vulnerability in the HTTP/2 protocol called HTTP/2 Rapid Reset.

Hacking black market: traffic of bugs and exploits on the rise
Black market explosion: searching for vulnerabilities in the digital age
Hacking mobile phones, particularly via apps like WhatsApp, is becoming increasingly expensive. Zero-day vulnerabilities have reached very high prices, demonstrating the importance of investing in security. Illegal trafficking in malware and spyware is growing, putting users' online privacy at risk....

LLMs reduce the barrier to entry into cybercrime
The growing threat of chatbots in the field of cybercrime: a new ally for cybercriminals
Cybercriminals' use of chatbots and advanced language models makes phishing campaigns increasingly effective, with threats constantly evolving. Traditional security tools often fail to detect these attacks, causing growing concern in the cybersecurity industry.

A multifaceted scourge that knows no rest: the persistent rule of Necurs
Defeating the dark lord of cyberspace: the never-ending fight against Necurs
Necurs is a botnet that distributes malware for data theft and financial damage, demonstrating great adaptability and difficulty in countering it. Recent speculation about its possible disappearance still remains uncertain.

Mozilla warns of fake Thunderbird downloads distributing ransomware
Ransomware threats via fake Thunderbird downloads are on the rise
Mozilla has warned of scams offering Thunderbird downloads, used by ransomware group Snatch to spread malware. Users are advised to download Thunderbird only from trusted websites to protect themselves from ransomware attacks.

Cyber attacks: a magnifying glass on security
Revealing hidden vulnerabilities: an in-depth analysis of cyber attacks
Cyberattacks highlight gaps in corporate security, but it's important to combat hackers who abuse user data to commit fraud. The article highlights that companies need to invest in advanced technologies, train staff and take appropriate security measures to protect users.

Kaspersky unveils new malware targeting the financial and cryptocurrency sectors
The new malware that puts the financial and cryptocurrency system at risk: Kaspersky's warning
The cryptocurrency and financial sector is threatened by three new malware: Zanubis, AsymCrypt and Lumma. Zanubis is a banking Trojan that hides in legitimate applications on Android devices. AsymCrypt hits crypto wallets and is sold on underground forums. Lumma is an ever-evolving file stealer. It is...

Temu: Spyware or just an e-commerce app?
An analysis of the allegations made by Grizzly Research against Temu, the e-commerce app, and considerations on the implications for data security
E-commerce app Temu has come under accusations of being spyware aimed at collecting user data. A study highlighted cybersecurity and financial security issues with the app, but it cannot be established with certainty whether the allegations are true. One must be cautious when considering the reliability...

Effective cyber attack via images in the corporate environment
An ingenious cyber attack that uses images to infiltrate companies
Spear-phishing emails with apparent images about the Armenia-Azerbaijan conflict hide malware that steals sensitive data. Management teams associated with Azerbaijani company targeted. The malware, written in Rust, creates temporary files to steal information during non-business hours.

Google fixes a new zero-day vulnerability exploited by a spyware vendor
An urgent patch has been released to protect users from espionage activity via a zero-day vulnerability in Chrome
Google has released a Chrome update to address a zero-day vulnerability exploited by a spyware vendor. The stable version 117.0.5938.132 resolves the critical vulnerability identified as CVE-2023-5217. It is the sixth zero-day solved by Google in 2023.

Fake version of Bitwarden spreads ZenRAT malware
The new ZenRAT malware uses the Bitwarden name to infect users: here's how it works
A new type of malware called ZenRAT is distributed through spoofed installation packages of the Bitwarden password manager. This malware steals sensitive information of Windows users, but redirects users of other operating systems to harmless pages.

Hackers trick Outlook by showing fake AV scans
A sophisticated obfuscation technique tricks Outlook users with virus scanning scams
In a new phishing trick called ZeroFont, cybercriminals obfuscate Outlook emails to appear to have been successfully scanned, tricking recipients. Organizations and employees must remain informed and alert to this technique to thwart phishing attacks.

Growing threat: Russian cyber warfare operations in Ukraine
The increase in Russian attacks highlighted in the report of the Ukrainian cyber defense organization
Russian hackers targeted Ukrainian law enforcement agencies to gather information on war crimes investigations. Cyberattacks in Ukraine have increased, but defenses are improving. Russia integrates cyber warfare operations into its military strategies.

Ransomware Knight: the digital threat affecting Italy
The serious threat that puts the security of Italian companies at risk: Ransomware Knight
Ransomware Knight attacks Italy: the dangerous malware targets companies and demands a ransom in Bitcoin. Protecting yourself from this ransomware is crucial by paying attention to suspicious emails and using telemetry and threat intelligence systems.

Deadglyph malware: government espionage in the Middle East
High modular flexibility and powerful data collection capabilities: the in-depth analysis of the Deadglyph malware
A sophisticated new malware, called Deadglyph, has been discovered in a cyber espionage attack against a government agency. It was attributed to the Stealth Falcon hacker group, serving the government of the United Arab Emirates. The malware is modular and can download new components from the control...

The need to acquire new skills to deal with artificial intelligence
Labor market transformation in the context of generative AI: challenges and opportunities
Within three years, 40% of workers will need to learn new skills to avoid obsolescence due to AI. The changes will be more visible to rank-and-file employees, and reskilling will be key to preserving their jobs. However, such changes will also provide growth opportunities and business benefits.

VenomRAT malware spread via fake WinRAR PoC
A dangerous exploit exploiting WinRAR RCE vulnerability spreads VenomRAT malware
Threat actor releases fake PoC to exploit vulnerabilities in WinRAR, spreading VenomRAT malware via GitHub. Attacks of this type are common and target researchers analyzing vulnerabilities.

New HTTPSnoop malware attacks telecom providers
A new cyber attack threatens the security of telecom companies with the HTTPSnoop malware
New malware called HTTPSnoop and PipeSnoop are attacking telecommunications providers in the Middle East, allowing cybercriminals to execute remote commands and compromise system security. Strengthening security measures is necessary to protect these critical infrastructures.

Cyber-mining danger: malicious package discovered on GitLab
A seemingly innocuous Python library hides a persistent threat of unauthorized cryptocurrency mining
A malicious package called "culturestreak" discovered on GitLab: it exploits system resources to mine the Dero cryptocurrency. Checkmarx launches API to detect compromised packages. Python developers at risk. "culturestreak" package downloads binary file for mining. Be careful when downloading packages...

IT-Alert tests are arriving in Lombardy, Basilicata and Molise: possible risks of online scams
Security measures to adopt during IT-Alert tests: expert advice to protect your online privacy
IT-Alert is an alarm system used by the Civil Protection to disseminate messages of public utility. However, cybersecurity experts raise concerns about phishing risks. Adrianus Warmenhoven, an online security expert, recommends being aware of the warnings, not clicking on suspicious links and installing...

Data Poisoning: a danger for Artificial Intelligences
Mitigation strategies to protect neural networks from data poisoning threats
Data poisoning is a threat to AI. By manipulating training data, attackers can reduce the reliability of models and introduce backdoors. It's difficult to eliminate it completely, but we can limit the risk with access controls and strong identification policies. Defenses such as firewalls, security patches,...

Peach Sandstorm: the persistent threat of Iranian state actors
The sophisticated cyber-espionage techniques used by Peach Sandstorm threaten global security
Microsoft has warned of a global cyber-espionage campaign led by an Iranian state actor called Peach Sandstorm. Using password attacks and exploiting vulnerabilities, they have targeted industries such as defense and pharmaceuticals. Microsoft recommends strengthening your defenses and implementing multi-factor...

Metaverse and dark web: new territories for organized crime
The phenomenon of cybercrime in the metaverse and the challenge of new technologies
The metaverse and the dark web are becoming expansion grounds for mafias, which exploit encrypted communications. The Dia highlights the need for adequate security tools and international cooperation.

LockBit: attackers use alternative ransomware as a fallback
The emerging threat: 3AM ransomware spreads as an alternative option to security locks
Attackers use 3AM ransomware as an alternative to LockBit, trying to bypass security measures. Ransomware encrypts files and deletes backup copies, making recovery difficult. Symantec provides indicators to detect and protect against it.

Microsoft warns of a new phishing campaign targeting businesses via Teams messages
A dangerous phishing attack threatens businesses via Microsoft Teams: here's what IT professionals need to know
Microsoft warns of a new phishing campaign that uses messages on Teams to infiltrate corporate networks. The Storm-0324 cluster distributes payloads such as downloaders, banking Trojans, and ransomware. Emails with fake themes are also used to deceive users. Microsoft has made security improvements to...

Severe zero-day vulnerabilities in Adobe's Acrobat and Reader
Urgent updates to address serious zero-day vulnerabilities in Adobe's Acrobat and Reader
Adobe has released security updates to fix a zero-day vulnerability in Acrobat and Reader, along with other fixed vulnerabilities. The attacks exploit a flaw that allows the execution of unauthorized code. Users are encouraged to install updates to protect themselves.

WiKI-Eve attack: stealing passwords from WiFi routers
The new technique that compromises the security of Wi-Fi networks, putting user passwords at risk
A new attack called WiKI-Eve exploits a vulnerability in WiFi to intercept passwords typed on smartphones. Researchers found that this attack can guess numeric passwords in less than 100 attempts with 85% accuracy. Improved security measures are needed to protect against this type of attack.

North Korean hackers target cybersecurity community with zero-day attacks
Sophisticated tactics deployed by North Korean hackers shake cybersecurity community
North Korean hackers are targeting the cybersecurity community, using social engineering tactics to establish trust with their victims. They exploit zero-day vulnerabilities in popular software, evade detection through anti-VM checks, and gather information from victims' systems. This is not their first...

MacOS malware: a new threat for Apple users
A sophisticated threat that endangers the security of Apple devices and sensitive user data
The Atomic Stealer malware for MacOS manages to bypass the Gatekeeper, the operating system's security. It is distributed via Google ads and presents itself as TradingView platform to lure victims. Once downloaded, it convinces victims to give up their password. Users should be careful to download apps...

New variant of Mirai botnet infects Android TV set-top boxes
The new threat to Android TV devices: Pandora malware spreads rapidly among low-cost set-top boxes
A new variant of the Mirai malware has been discovered on low-cost Android TV devices. It spreads via malicious firmware updates and pirated apps. The user can protect themselves by choosing reputable brands and avoiding unofficial sources. Awareness about the risk of pirated content is essential.

Google's Chrome Store review process foiled by Data-Stealer
Malicious extensions threaten user security despite Google's new measures
Attackers can still bypass Google's review process to get malicious extensions into the Chrome Web Store, stealing sensitive data. Vulnerabilities have been discovered in the input fields of web pages. Researchers suggest measures to protect sensitive browser data.

Internal risk management in cybersecurity: a complex challenge
Advanced protection strategies to counter insider threats in cybersecurity
The article highlights the importance of managing internal risk in cybersecurity. It is highlighted that cyber attacks often involve internal components, such as employees. The difference between "internal risk" and "internal threat" and the importance of adopting a multi-layered defense strategy are...

Phishing and sex extortion: how to defend yourself and protect your reputation
How to defend yourself from online scams and preserve your privacy: advice and security measures to adopt
A new sex-extortion scam scheme is targeting YouPorn users, threatening to publicly release a sex tape unless they pay a sum in cryptocurrency. Attackers exploit users' emotional vulnerability but experts advise not to give in to blackmail and to report the incident to the competent authorities.

Chrome extensions: beware of password theft
Malicious Chrome extensions: how to protect your passwords
Some Chrome extensions may steal plaintext passwords from websites. Malicious extensions access data stored by the browser and recover passwords without encryption. It is recommended to uninstall suspicious extensions and use a reliable password manager to protect your credentials. Keep your browser...

MSSQL database under attack by Freeworld ransomware
The Freeworld ransomware threat is putting MSSQL databases at risk: protect yourself with these security measures
Freeworld ransomware is attacking MSSQL databases, encrypting data and demanding a ransom to restore access. Organizations need to take security measures such as updating software and protecting backups to avoid damage and financial loss.

SandWorm: the feared hacker group that threatens Ukraine
The danger of SandWorm: a group of hackers that threatens international security
The article talks about the hacker group called SandWorm and their targeted cyber attacks in Ukraine. The group uses sophisticated phishing techniques and vulnerability exploits to infiltrate networks and steal sensitive information. In particular, their advanced malware called "Chisel" is mentioned. The...

DreamBus botnet exploits RocketMQ vulnerability to spread a cryptocurrency miner
An in-depth look at the DreamBus botnet's dissemination tactics and impacts on enterprise systems
The DreamBus botnet exploits a vulnerability in RocketMQ software to spread a cryptocurrency miner. This malware infects systems and uses computing resources for mining. It is important to update your software, set up a firewall and use an advanced security solution to protect yourself from Dream...

Fight against cybercrime: the FBI intervenes and dismantles a vast network of infected computers
The joint action of the FBI and international partners to neutralize the Qakbot banking malware
The FBI has dismantled the network of computers infected with Qakbot, a dangerous banking malware. This action represents a great victory in the fight against cybercrime. Users are advised to take security measures to protect their data.

Dramatic increase in DarkGate malware activity
How to protect computer systems from its advance: defense strategies and preventive measures
DarkGate malware is showing a worrying increase in use and diffusion. This sophisticated malware poses a significant threat to cyber security, with financial consequences for businesses. To defend yourself, it is important to keep your software up-to-date and take preventative measures such as user education...

Phishing as a Service gets smarter
The hidden danger in phishing: how to protect yourself from new Phishing as a Service Attacks
Phishing as a Service (PhaaS) is a new method that allows cybercriminals to conduct sophisticated phishing attacks without technical knowledge. It offers paid phishing services, with advanced features. It is important to take security measures and work with the authorities to counter this threat.

WhatsApp attack: scams from unknown calls to Indian users
WhatsApp scams from the United States are on the rise: Indian users at risk of online privacy and security
WhatsApp scams from the US are putting the privacy of Indian users at risk. Scammers make unwanted calls, share deceptive links, or solicit personal or financial information. Users must avoid answering unknown numbers and be wary of calls. It is important to educate users about online safety.

LockBit 3.0: the new ransomware of cybercriminals
Ransomware targeting businesses with cryptocurrencies and sophisticated features
LockBit 3.0 is an advanced ransomware that is targeting businesses with file encryption and ransom demand. It's hard to counter, but experts recommend safety measures like regular software updates and data backups.

Crime as a Service (CaaS): the organized forms of crime multinationals
The evolution of crime in the digital world
The article explores the emerging phenomenon of "Crime as a Service" in the digital world. It describes how multinational crime companies offer specialized services to commit cyber crimes, the dangers this entails and the need for a global fight against this form of organized crime.

The threat of SEO Poisoning in healthcare
The invisible threat that puts information security in the health sector at risk
The article addresses the emerging threat of SEO poisoning in healthcare, explaining how it works and what its implications are for patient data security. Preventive measures are suggested to counter this threat and ensure cyber security in the healthcare sector.

Vulnerability exploited in WinRAR for zero-day attacks
Serious WinRAR vulnerability puts users' cyber security at risk: discovery and solutions
A serious vulnerability in the popular WinRAR program allows hackers to execute malicious code on users' systems. Millions of users may be at risk, but you can protect yourself by updating your software and being careful about RAR files from untrusted sources.

A new malware uses Wi-Fi scanning to obtain the location of the infected device
The evolution of threats and the importance of keeping devices protected
A new piece of malware uses Wi-Fi scanning to locate infected devices. It is important to protect yourself with updated software, antivirus and firewall, avoid suspicious links and public networks. Businesses and users must take security measures to counter increasingly sophisticated cyberthreats.

Cuba's advance: a growing threat to companies
The tactics and intricacies of the Cuba ransomware group
The ransomware group called "Cuba" is a serious threat that uses sophisticated tactics to infect and make ransom demands. Its evasive techniques make it difficult to protect systems. Collaboration and advanced security are essential to counter this threat.

Carderbee cyber attacks rock Hong Kong
Hong Kong businesses need to strengthen their cyber defenses to protect themselves
Hong Kong targeted by Carderbee's cyber attacks. Carderbee, a dangerous group of hackers specializing in carding and financial identity theft, has pressured the cyber defenses of numerous companies and financial institutions in Hong Kong, causing serious financial damage. Authorities work together to...

WinRAR: severe vulnerability puts your data security at risk
Critical vulnerability putting millions of users and sensitive data at risk. Here's what you need to know about WinRAR
Critical vulnerability discovered in WinRAR, with risk of malicious code execution via malicious archives. Users are advised to update the software and take security measures to protect their systems. Promoting the culture of information security is essential.

WoofLocker: the unsuspected cybertool that puts companies' security at risk
The challenge of cybercrime and new defense strategies
The WoofLocker toolkit is a dangerous new malware tool capable of hiding cyberthreats in an unimaginable way. It can evade antiviruses and infiltrate corporate networks, posing a growing threat to businesses and users. Security organizations are struggling to come up with effective countermeasures.