Aggregator
New ManticoraLoader – Malware Attacking Citrix Users To Steal Data
Cyble Research & Intelligence Labs has recently found information about a new type of malware-as-a-service (MaaS) called ‘ManticoraLoader’ in some underground forums. Since August 8, 2024, on forums and Telegram, this MaaS service has been offered by the threat group “DeadXInject.” These actors were also behind the development of the “AresLoader” malware and went after […]
The post New ManticoraLoader – Malware Attacking Citrix Users To Steal Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
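Critical vulnerability disclosed in aviation security system lets hackers bypass security screening and enter the cockpit
Security company fined more than 20 million yuan after a system breach led to unauthorized access to customers' cameras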
Head Mare Hacktivist Group Exploit WinRAR Vulnerability To Encrypt Windows And Linux
Head Mare, a Russian-focused hacktivist group, gained notoriety in 2023 by targeting organizations in Russia and Belarus as they employ phishing tactics to distribute WinRAR archives exploiting the CVE-2023-38831 vulnerability, gaining initial access to victims’ systems. Once inside, they steal sensitive data and encrypt devices using LockBit and Babuk ransomware, whose toolset and tactics align […]
The post Head Mare Hacktivist Group Exploit WinRAR Vulnerability To Encrypt Windows And Linux appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Release Notes: New YARA Rules, Signatures, Config Extractors, and More
Welcome to ANY.RUN's monthly update, where we share what our team has been working on. In August, we focused on enhancing our detection tools and improving your experience. We added the new XOR-URL extractor, updated YARA rules, added new signatures, and improved network detection rules. Here’s a closer look at what we’ve done in […]
The post Release Notes: New YARA Rules, Signatures, Config Extractors, and More appeared first on ANY.RUN's Cybersecurity Blog.
Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond
August has seen some of the most eye-opening vulnerabilities surface, catching the attention of security experts across the globe. These aren’t just numbers in a database, they represent real challenges...
The post Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond appeared first on Strobes Security.
The post Top 5 CVEs and Vulnerabilities of August 2024: Key Threats and How to Respond appeared first on Security Boulevard.
North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild
Microsoft has identified a North Korean threat actor, Citrine Sleet, exploiting a zero-day vulnerability in Chromium (CVE-2024-7971) to gain remote code execution on cryptocurrency targets. The threat actor deployed the FudModule rootkit, previously attributed to Diamond Sleet, suggesting potential shared use of malware between these North Korean threat actors. The V8 JavaScript engine in Chrome […]
The post North Korean Hackers Actively Exploiting Chromium RCE Zero-Day In The Wild appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
New Custom Malware “Tickler” Attack Satellite Devices
Microsoft identified a new custom multi-stage backdoor, “Tickler,” deployed by the Iranian state-sponsored threat actor Peach Sandstorm between April and July 2024. Targeting sectors like satellite, communications equipment, oil and gas, and government, Tickler has been used to gather intelligence. Peach Sandstorm also conducted password spray attacks on educational and government sectors. The group employed […]
The post New Custom Malware “Tickler” Attack Satellite Devices appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
CVE-2024-38811 | VMware Fusion up to 13.5 on macOS Environment Variable environment input validation
Part 103: A hands-on deobfuscation analysis of an encrypted, obfuscated Java memory shell
VIVOTEK RealSight Engine improves images clarity in various scenarios
VIVOTEK has announced an upgrade to its comprehensive AI security solution with the release of the new AI feature, RealSight Engine. This feature transforms images captured by network cameras into clear, visible facial images under any lighting conditions. Even in backlit environments, facial expressions are rendered with exceptional clarity. The solution eliminates complex settings, enabling immediate activation upon installation. It optimizes operational efficiency in environments such as dimly lit galleries, suburban dark parks, and low-light […]
The post VIVOTEK RealSight Engine improves images clarity in various scenarios appeared first on Help Net Security.
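Kerberos cryptographic collapse: even the most secure operating systems won't save your data
A new batch of ten AI service software products passes filing; one cybersecurity company makes the list
Security retrofits don't have to be disruptive: "retrofit-free" may be a new approach to data security upgrades
Blue Team Handbook ⑤ [Anomalous Traffic]: Analysis and application of tactics and techniques for blocking anomalous traffic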
Ransomhub Attacked 210 Victims Since Feb 2024, CISA Released Advisory For Defenders
The FBI, CISA, MS-ISAC, and HHS have released a joint advisory detailing known RansomHub ransomware indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs). RansomHub, a ransomware-as-a-service variant, has been active since February 2024, targeting various critical infrastructure sectors, and affiliates use a double-extortion model, encrypting systems and exfiltrating data. Victims receive a ransom […]
The post Ransomhub Attacked 210 Victims Since Feb 2024, CISA Released Advisory For Defenders appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.