Cybersecurity Flaws in Open-Source ML Tools Cybersecurity researchers have recently discovered multiple security flaws impacting open-source machine learning (ML) tools. Frameworks like MLflow, H2O, PyTorch, and MLeap are among those affected. These vulnerabilities could potentially allow malicious actors to execute code. Identifying and addressing these flaws is crucial for developers and businesses relying on these…
The modern business landscape is both thrilling and daunting. With rapidly evolving technology, persistent cyber threats, and increasing operational complexities, data protection and seamless business continuity can feel like a Herculean task. Organizations of all sizes need comprehensive security measures that go beyond traditional backup solutions to address the intricacies of today’s complex IT ecosystems….
The Expansion of More_eggs Malware Operations The threat actors behind the More_eggs malware have recently expanded their operations by introducing new malware families. This development sheds light on their growing malware-as-a-service (MaaS) strategy. Notably, this includes two noteworthy malware variants: a novel information-stealing backdoor known as RevC2 and a loader referred to as Venom Loader….
Gamaredon’s Tactics: Leveraging Cloudflare Tunnels for Malware Distribution The threat actor known as Gamaredon has been actively observed using Cloudflare Tunnels to hide its staging infrastructure, where it hosts the malware called GammaDrop. This activity is part of a broader spear-phishing campaign aimed at Ukrainian entities, which has been ongoing since early 2024. According to…
## Konec življenja naprave D-Link DSL-6740C in naraščajoče varnostne ranljivosti Model D-Link DSL-6740C, ki ni na voljo v ZDA, je uradno dosegel konec uporabne dobe (EOL) 15. januarja 2024. To pomeni, da D-Link preneha zagotavljati kakršno koli podporo ali razvoj za to napravo. Zaradi tega je DSL-6740C izpostavljen mnogim varnostnim ranljivostim, kar postavlja uporabnike pred…
As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. This malware poses a significant risk, employing advanced techniques that allow it to evade discovery while stealing sensitive data from users. What is DroidBot? DroidBot is a state-of-the-art remote…
Understanding Vulnerability Management Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, VM helps organizations identify and address potential security issues before they escalate into serious problems. However, the limitations of this approach have become increasingly evident in recent years. In this blog post,…
Europol's Major Operation Against Manson Market Europol has taken a significant step in the fight against online fraud. On Thursday, the agency announced the shutdown of a clearnet marketplace known as Manson Market. This platform facilitated large-scale online fraud, affecting countless individuals and businesses. The operation, primarily led by German authorities, has resulted in the…
Understanding the Mitel MiCollab Vulnerability Cybersecurity researchers have recently discovered a serious security flaw within Mitel MiCollab. This flaw, identified as CVE-2024-41713, carries a high CVSS score of 9.8. It allows attackers to exploit a weakness in the system to gain access to sensitive files from vulnerable instances. This poses a significant risk to organizations…
Understanding the Earth Minotaur Threat Activity Cluster A new and previously undocumented threat activity cluster, known as Earth Minotaur, is making waves in cybersecurity discussions. This cluster utilizes the MOONSHINE exploit kit to deliver a dangerous backdoor called DarkNimbus. The targets of these operations include minorities such as Tibetans and Uyghurs, indicating a troubling trend…