
Cyber threats

Deadglyph malware: government espionage in the Middle East
High modular flexibility and powerful data collection capabilities: the in-depth analysis of the Deadglyph malware
A sophisticated new malware, called Deadglyph, has been discovered in a cyber espionage attack against a government agency. It was attributed to the Stealth Falcon hacker group, serving the government of the United Arab Emirates. The malware is modular and can download new components from the control...

The need to acquire new skills to deal with artificial intelligence
Labor market transformation in the context of generative AI: challenges and opportunities
Within three years, 40% of workers will need to learn new skills to avoid obsolescence due to AI. The changes will be more visible to rank-and-file employees, and reskilling will be key to preserving their jobs. However, such changes will also provide growth opportunities and business benefits.

VenomRAT malware spread via fake WinRAR PoC
A dangerous exploit exploiting WinRAR RCE vulnerability spreads VenomRAT malware
Threat actor releases fake PoC to exploit vulnerabilities in WinRAR, spreading VenomRAT malware via GitHub. Attacks of this type are common and target researchers analyzing vulnerabilities.

New HTTPSnoop malware attacks telecom providers
A new cyber attack threatens the security of telecom companies with the HTTPSnoop malware
New malware called HTTPSnoop and PipeSnoop are attacking telecommunications providers in the Middle East, allowing cybercriminals to execute remote commands and compromise system security. Strengthening security measures is necessary to protect these critical infrastructures.

Cyber-mining danger: malicious package discovered on GitLab
A seemingly innocuous Python library hides a persistent threat of unauthorized cryptocurrency mining
A malicious package called "culturestreak" discovered on GitLab: it exploits system resources to mine the Dero cryptocurrency. Checkmarx launches API to detect compromised packages. Python developers at risk. "culturestreak" package downloads binary file for mining. Be careful when downloading packages...

IT-Alert tests are arriving in Lombardy, Basilicata and Molise: possible risks of online scams
Security measures to adopt during IT-Alert tests: expert advice to protect your online privacy
IT-Alert is an alarm system used by the Civil Protection to disseminate messages of public utility. However, cybersecurity experts raise concerns about phishing risks. Adrianus Warmenhoven, an online security expert, recommends being aware of the warnings, not clicking on suspicious links and installing...

Data Poisoning: a danger for Artificial Intelligences
Mitigation strategies to protect neural networks from data poisoning threats
Data poisoning is a threat to AI. By manipulating training data, attackers can reduce the reliability of models and introduce backdoors. It's difficult to eliminate it completely, but we can limit the risk with access controls and strong identification policies. Defenses such as firewalls, security patches,...

Peach Sandstorm: the persistent threat of Iranian state actors
The sophisticated cyber-espionage techniques used by Peach Sandstorm threaten global security
Microsoft has warned of a global cyber-espionage campaign led by an Iranian state actor called Peach Sandstorm. Using password attacks and exploiting vulnerabilities, they have targeted industries such as defense and pharmaceuticals. Microsoft recommends strengthening your defenses and implementing multi-factor...

Metaverse and dark web: new territories for organized crime
The phenomenon of cybercrime in the metaverse and the challenge of new technologies
The metaverse and the dark web are becoming expansion grounds for mafias, which exploit encrypted communications. The Dia highlights the need for adequate security tools and international cooperation.

LockBit: attackers use alternative ransomware as a fallback
The emerging threat: 3AM ransomware spreads as an alternative option to security locks
Attackers use 3AM ransomware as an alternative to LockBit, trying to bypass security measures. Ransomware encrypts files and deletes backup copies, making recovery difficult. Symantec provides indicators to detect and protect against it.

Microsoft warns of a new phishing campaign targeting businesses via Teams messages
A dangerous phishing attack threatens businesses via Microsoft Teams: here's what IT professionals need to know
Microsoft warns of a new phishing campaign that uses messages on Teams to infiltrate corporate networks. The Storm-0324 cluster distributes payloads such as downloaders, banking Trojans, and ransomware. Emails with fake themes are also used to deceive users. Microsoft has made security improvements to...

Severe zero-day vulnerabilities in Adobe's Acrobat and Reader
Urgent updates to address serious zero-day vulnerabilities in Adobe's Acrobat and Reader
Adobe has released security updates to fix a zero-day vulnerability in Acrobat and Reader, along with other fixed vulnerabilities. The attacks exploit a flaw that allows the execution of unauthorized code. Users are encouraged to install updates to protect themselves.

WiKI-Eve attack: stealing passwords from WiFi routers
The new technique that compromises the security of Wi-Fi networks, putting user passwords at risk
A new attack called WiKI-Eve exploits a vulnerability in WiFi to intercept passwords typed on smartphones. Researchers found that this attack can guess numeric passwords in less than 100 attempts with 85% accuracy. Improved security measures are needed to protect against this type of attack.

North Korean hackers target cybersecurity community with zero-day attacks
Sophisticated tactics deployed by North Korean hackers shake cybersecurity community
North Korean hackers are targeting the cybersecurity community, using social engineering tactics to establish trust with their victims. They exploit zero-day vulnerabilities in popular software, evade detection through anti-VM checks, and gather information from victims' systems. This is not their first...

macOS malware: a new threat for Apple users
A sophisticated threat that endangers the security of Apple devices and sensitive user data
The Atomic Stealer malware for macOS manages to bypass the Gatekeeper, the operating system's security. It is distributed via Google ads and presents itself as TradingView platform to lure victims. Once downloaded, it convinces victims to give up their password. Users should be careful to download apps...

New variant of Mirai botnet infects Android TV set-top boxes
The new threat to Android TV devices: Pandora malware spreads rapidly among low-cost set-top boxes
A new variant of the Mirai malware has been discovered on low-cost Android TV devices. It spreads via malicious firmware updates and pirated apps. The user can protect themselves by choosing reputable brands and avoiding unofficial sources. Awareness about the risk of pirated content is essential.

Google's Chrome Store review process foiled by Data-Stealer
Malicious extensions threaten user security despite Google's new measures
Attackers can still bypass Google's review process to get malicious extensions into the Chrome Web Store, stealing sensitive data. Vulnerabilities have been discovered in the input fields of web pages. Researchers suggest measures to protect sensitive browser data.

Internal risk management in cybersecurity: a complex challenge
Advanced protection strategies to counter insider threats in cybersecurity
The article highlights the importance of managing internal risk in cybersecurity. It is highlighted that cyber attacks often involve internal components, such as employees. The difference between "internal risk" and "internal threat" and the importance of adopting a multi-layered defense strategy are...

Phishing and sex extortion: how to defend yourself and protect your reputation
How to defend yourself from online scams and preserve your privacy: advice and security measures to adopt
A new sex-extortion scam scheme is targeting YouPorn users, threatening to publicly release a sex tape unless they pay a sum in cryptocurrency. Attackers exploit users' emotional vulnerability but experts advise not to give in to blackmail and to report the incident to the competent authorities.

Chrome extensions: beware of password theft
Malicious Chrome extensions: how to protect your passwords
Some Chrome extensions may steal plaintext passwords from websites. Malicious extensions access data stored by the browser and recover passwords without encryption. It is recommended to uninstall suspicious extensions and use a reliable password manager to protect your credentials. Keep your browser...

MSSQL database under attack by Freeworld ransomware
The Freeworld ransomware threat is putting MSSQL databases at risk: protect yourself with these security measures
Freeworld ransomware is attacking MSSQL databases, encrypting data and demanding a ransom to restore access. Organizations need to take security measures such as updating software and protecting backups to avoid damage and financial loss.

SandWorm: the feared hacker group that threatens Ukraine
The danger of SandWorm: a group of hackers that threatens international security
The article talks about the hacker group called SandWorm and their targeted cyber attacks in Ukraine. The group uses sophisticated phishing techniques and vulnerability exploits to infiltrate networks and steal sensitive information. In particular, their advanced malware called “Chisel” is mentioned. The...

DreamBus botnet exploits RocketMQ vulnerability to spread a cryptocurrency miner
An in-depth look at the DreamBus botnet's dissemination tactics and impacts on enterprise systems
The DreamBus botnet exploits a vulnerability in RocketMQ software to spread a cryptocurrency miner. This malware infects systems and uses computing resources for mining. It is important to update your software, set up a firewall and use an advanced security solution to protect yourself from Dream...

Fight against cybercrime: the FBI intervenes and dismantles a vast network of infected computers
The joint action of the FBI and international partners to neutralize the Qakbot banking malware
The FBI has dismantled the network of computers infected with Qakbot, a dangerous banking malware. This action represents a great victory in the fight against cybercrime. Users are advised to take security measures to protect their data.

Dramatic increase in DarkGate malware activity
How to protect computer systems from its advance: defense strategies and preventive measures
DarkGate malware is showing a worrying increase in use and diffusion. This sophisticated malware poses a significant threat to cyber security, with financial consequences for businesses. To defend yourself, it is important to keep your software up-to-date and take preventative measures such as user education...

Phishing as a Service gets smarter
The hidden danger in phishing: how to protect yourself from new Phishing as a Service Attacks
Phishing as a Service (PhaaS) is a new method that allows cybercriminals to conduct sophisticated phishing attacks without technical knowledge. It offers paid phishing services, with advanced features. It is important to take security measures and work with the authorities to counter this threat.

WhatsApp attack: scams from unknown calls to Indian users
WhatsApp scams from the United States are on the rise: Indian users at risk of online privacy and security
WhatsApp scams from the US are putting the privacy of Indian users at risk. Scammers make unwanted calls, share deceptive links, or solicit personal or financial information. Users must avoid answering unknown numbers and be wary of calls. It is important to educate users about online safety.

LockBit 3.0: the new ransomware of cybercriminals
Ransomware targeting businesses with cryptocurrencies and sophisticated features
LockBit 3.0 is an advanced ransomware that is targeting businesses with file encryption and ransom demand. It's hard to counter, but experts recommend safety measures like regular software updates and data backups.

Crime as a Service (CaaS): the organized forms of crime multinationals
The evolution of crime in the digital world
The article explores the emerging phenomenon of "Crime as a Service" in the digital world. It describes how multinational crime companies offer specialized services to commit cyber crimes, the dangers this entails and the need for a global fight against this form of organized crime.

The threat of SEO Poisoning in healthcare
The invisible threat that puts information security in the health sector at risk
The article addresses the emerging threat of SEO poisoning in healthcare, explaining how it works and what its implications are for patient data security. Preventive measures are suggested to counter this threat and ensure cyber security in the healthcare sector.

Vulnerability exploited in WinRAR for zero-day attacks
Serious WinRAR vulnerability puts users' cyber security at risk: discovery and solutions
A serious vulnerability in the popular WinRAR program allows hackers to execute malicious code on users' systems. Millions of users may be at risk, but you can protect yourself by updating your software and being careful about RAR files from untrusted sources.

A new malware uses Wi-Fi scanning to obtain the location of the infected device
The evolution of threats and the importance of keeping devices protected
A new piece of malware uses Wi-Fi scanning to locate infected devices. It is important to protect yourself with updated software, antivirus and firewall, avoid suspicious links and public networks. Businesses and users must take security measures to counter increasingly sophisticated cyberthreats.

Cuba's advance: a growing threat to companies
The tactics and intricacies of the Cuba ransomware group
The ransomware group called "Cuba" is a serious threat that uses sophisticated tactics to infect and make ransom demands. Its evasive techniques make it difficult to protect systems. Collaboration and advanced security are essential to counter this threat.

Carderbee cyber attacks rock Hong Kong
Hong Kong businesses need to strengthen their cyber defenses to protect themselves
Hong Kong targeted by Carderbee's cyber attacks. Carderbee, a dangerous group of hackers specializing in carding and financial identity theft, has pressured the cyber defenses of numerous companies and financial institutions in Hong Kong, causing serious financial damage. Authorities work together to...

WinRAR: severe vulnerability puts your data security at risk
Critical vulnerability putting millions of users and sensitive data at risk. Here's what you need to know about WinRAR
Critical vulnerability discovered in WinRAR, with risk of malicious code execution via malicious archives. Users are advised to update the software and take security measures to protect their systems. Promoting the culture of information security is essential.

WoofLocker: the unsuspected cybertool that puts companies' security at risk
The challenge of cybercrime and new defense strategies
The WoofLocker toolkit is a dangerous new malware tool capable of hiding cyberthreats in an unimaginable way. It can evade antiviruses and infiltrate corporate networks, posing a growing threat to businesses and users. Security organizations are struggling to come up with effective countermeasures.

The dark link between proxy apps and Proxynation malware
The growing threat of malware and the widespread use of proxy apps
The article explores the dark link between proxy apps and malware, focusing on "Proxynation". It explains how proxy apps can be used by cybercriminals to spread malware and the associated risks. It also suggests some measures to protect yourself from Proxynation and mitigate the dangers.

Statc Stealer emergency: new malware threatens sensitive data
The invisible threat that puts your security at risk
A dangerous new malware called Statc Stealer poses a threat to the security of sensitive data. Malware can infiltrate systems, steal valuable information, and compromise user privacy. Robust security practices must be implemented to protect systems from malware.

Critical vulnerability in Visual Studio Code: malicious extensions steal tokens
A security flaw has been discovered in the popular code editor that puts developers' safety at risk
Critical vulnerability discovered in Visual Studio Code: malicious extensions can steal authentication tokens. The developers have been notified and a security patch has been released. Users are advised to update software and pay attention to installed extensions. Antivirus software, strong passwords,...

Skidmap Redis: evolution and countermeasures for the new miner malware
Operational methodology, security implications and defense strategies
The recent Skidmap malware not only mines cryptocurrencies, but also acquires root permissions, expanding its destructive potential. This malware uses a sophisticated technique based on replacing kernel modules to stay hidden. To protect yourself, it is important to constantly update your software, use...

The emergence of Shadow APIs in the cybersecurity industry
Understanding and managing the threats posed by Shadow APIs in information security systems
The article examines the growing problem of "Shadow APIs" in cybersecurity. APIs make it easier for apps to interact, but they can create a risk if not properly monitored and managed. The article emphasizes the importance of proper security management to prevent and respond to cyber attacks.

Analysis of Reptile: the sophisticated rootkit that threatens Linux systems
The features, evasion strategies and prevention tips of the Reptile rootkit
The article deals with the "Reptile", a rootkit for Linux capable of acting both as a rootkit and as a trojan, evading detections. The Reptile allows unauthorized access to systems, allowing hackers to access sensitive data. To counter this threat, awareness of online safety, updating of operating systems...

FBI alert: scammers playing the role of NFT developers
Scam methods and protective measures in the emerging NFT market
FBI warns of scammers posing as NFT developers to steal users' cryptographic data. They use techniques such as phishing and outright deception. Digital awareness is key to preventing these scams. Security bodies, the crypto community and NFT developers should come together to fight digital crime.

Digital fraud beware: government warning about ChatGPT scams
Unveiled the modus operandi of a new web risk: the dark side of ChatGPT
The article warns about digital scams related to the use of ChatGPT, a chat platform based on Artificial Intelligence. Fraudsters use chatbots to obtain sensitive information or trick users into clicking on dangerous links. We stress the importance of not revealing private details online and using antivirus...

Cybersecurity and quantum computing: together towards the future
The battle between security and threats in the world of quantum computing
The article highlights the importance of cybersecurity in quantum computing, pointing out the potential threats from cybercriminals. It indicates the adoption of advanced security measures, such as post-quantum cryptography. Finally, it emphasizes the need for continuous innovation to meet future ch...

Leveraging the Google AMP service: new frontiers for phishing attacks
Illegal use of Accelerated Mobile Pages in phishing attempts: a challenge for online security
Phishing attacks are becoming more sophisticated, using the Google AMP service to create URLs that masquerade as legitimate, making them difficult to detect. To counter these attacks, a multi-layered security approach is recommended, with advanced techniques and the use of two-factor authentication.

Malware services for hire: Wikiloader's alarming triumph in cybercrime
An overview of the growing phenomenon of Malware as a Service (MaaS)
Cybersecurity experts have noticed an increase in the use of Wikiloader, a malware distribution tool, in the Malware as a Service (MaaS) market. Wikiloader is versatile and can be used to carry out various types of cyber attacks, from phishing scams to botnets, thus increasing the number of possible...

Security emergency: the growing danger of VHD malware on ICS systems
Modus operandi and impact of the advanced cyber threat on industrial systems
The article discusses advanced malware called VHD that attacks industrial control systems. This malware is capable of damaging even devices isolated from the network. To counter this, the article highlights the importance of multi-layered cybersecurity strategies.

Ransomware Abyss Locker and the assault on VMware ESXi servers: analysis and preventive actions
Escalation of targeted and customized attacks puts Linux and VMware ESXi users at risk
The article is about a variant of ransomware called Abyss Locker, now attacking VMware ESXi servers on Linux. This ransomware shares similarities with Ragnar Locker, being able to encrypt particular file extensions. The article emphasizes the importance of implementing security measures, keeping up to...

SUBMARINE backdoor: the new and disturbing threat to computer security
How hackers use open source to break into corporate systems
The piece talks about a new, sophisticated hacker attack called "SUBMARINE backdoor". This leverages open source tools to penetrate corporate networks, creating hidden passageways to steal sensitive data. The article highlights the importance for businesses to strengthen their defenses and stay up-to-date...