This article explores Netcraft’s research into the use of generative artificial intelligence (GenAI) to create text for fraudulent websites in 2024. Insight ...
We’re sharing an update on suspected state-backed attacker APT29 and the use of exploits identical to those used by Intellexa and NSO.
The Akamai Security Intelligence and Response Team (SIRT) has observed a botnet campaign that is abusing several previously exploited vulnerabilities, as well as a zero-day vulnerability discovered by the SIRT.
CVE-2024-7029 (discovered by Aline Eliovich) is a command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE).
Once injected, the botnet spreads a Mirai variant with string names that reference the COVID-19 virus that has been seen since at least 2020.
We have included a list of indicators of compromise (IOCs) to assist in defense against this threat.
Telegram is vital to hacktivist groups and their operations. They would have limited platforms to operate on without Telegram, they try X but are often shut-down and they would likely get drowned out if they tried to operate on underground forums.
Kaspersky experts discovered a macOS version of the HZ Rat backdoor, which collects user data from WeChat and DingTalk messengers.
Arrest warrants for Pavel and Nikolai Durov were issued months earlier than previously known.
On August 25th 2024, Global Secure Layer mitigated the largest packet rate DDoS attack recorded against our platform
Threat Actors Retaliate After Durov’s Arrest Discover the latest security threats and database leaks, including unauthorized VPN access and email breaches, in the cyber underground world.Stay informed about emerging cyber threats, such as unauthorized access to databases and sensitive information leaks, affecting global companies and organizations.Learn about the latest cyber incidents, including DDoS attacks and malware threats targeting cryptocurrency wallets and financial institutions.
Ces dernières heures, plusieurs sites français disent avoir été visés par des attaques informatiques. A l’origine de ces actions : des petits groupes de hackeurs qui réclament la libération du patron de Telegram.
Malicious hackers are exploiting a zero-day vulnerability in Versa Director, a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon, a Chinese cyber espionage group focused on infiltrating critical U.S.…
When Pavel Durov, founder and CEO of messaging app Telegram, was arrested on August 24, French authorities did not respond to requests for comment. The
Pidgin is a universal chat client, allowing you to consolidate all your different messaging apps into a single tool.
A 17-year-old student has launched a dedicated portal to exposing Germany's 'secret' pirate site blocklist to the public.
Learn about the ClearFake Trojan malware distributed via WordPress sites, its tactics, and how to safeguard your online experience.
This blog is reserved for more serious things, and ordinarily I wouldn't spend time on questions like the above. But much as I'd like to spend my time writing about exciting topics, sometimes the world requires a bit of what Brad Delong calls "Intellectual Garbage Pickup," namely: correcting wrong, or mostly-wrong ideas that spread unchecked…
The messaging app says “it is absurd to claim that a platform or its owner are responsible for abuse of that platform” after CEO Pavel Durov was arrested by French authorities.
In this post, we analyze a new opportunistic exploitation campaign based on the Log4j vulnerability.
In today’s post, We’ll explore the process of designing and developing malware for macOS, which is a Unix-based operating system. We’ll use a classic approach to understanding Apple’s internals. To follow along, you should have a basic understanding of exploitation, as well as knowledge of C and Python programming, and some familiarity with low-level assembly language. While the topics may be advanced, I’ll do my best to present them smoothly.
Imagine this: an OpenSSH backdoor is discovered, maintainers rush to push out a fixed release package, security researchers trade technical details on mailing lists to analyze the backdoor code. Speculation abounds on the attribution and motives of the attacker, and the tech media pounces on the story. A near miss of epic proportions, a blow to the fabric of trust underlying open source development, a stark reminder of the risks of supply-chain attacks. Equal measures brilliant and devious.
