New Malware Campaign Using PureCrypter: What You Need to Know Cybersecurity researchers recently disclosed a concerning malware campaign that uses a malware loader called PureCrypter to deliver a remote access trojan (RAT) known as DarkVision RAT. This alarming activity was observed by Zscaler ThreatLabz in July 2024. The campaign involves a multi-stage process designed to…
Understanding Zero-Day Vulnerabilities In recent years, the number and sophistication of zero-day vulnerabilities have surged. These are critical security flaws in software that are unknown to the vendor and remain unpatched at the time of discovery. Attackers exploit these vulnerabilities before any defensive measures can be implemented, making zero-days a potent weapon for cybercriminals. Organizations…
Uvod Za zaščito vašega poslovanja pred grožnjami je ključna izbira pravih rešitev za varnost omrežja. Ena od najpomembnejših področij je kar se tiče DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol) in upravljanja IP naslovov (IP Address Management – IPAM). Dva najbolj pomembna igralca v tej kategoriji sta Infoblox in EfficientIP. V tem članku…
CVERC's Claims: Volt Typhoon as a Fabrication by the U.S. China's National Computer Virus Emergency Response Center (CVERC) has intensified its assertions that the threat actor known as Volt Typhoon is a creation of the U.S. and its allies. By collaborating with the National Engineering Laboratory for Computer Virus Prevention Technology, the agency presented a…
China's National Computer Virus Emergency Response Center (CVERC) has recently intensified its claims surrounding the threat actor known as Volt Typhoon. The agency asserts that Volt Typhoon is merely a creation of the United States and its allies, aimed at distracting attention from cyber activities prevalent among these nations. This assertion emerged from a joint…
New Malware Campaign: A Closer Look at Hijack Loader Cybersecurity researchers from the French firm HarfangLab have recently uncovered a new malware campaign. This campaign utilizes Hijack Loader artifacts that are signed with legitimate code-signing certificates. In particular, this attack targets users with a potent information stealer known as Lumma. The detection of this activity…
Jetpack WordPress Plugin Security Update: Critical Vulnerability Fixed The maintainers of the Jetpack WordPress plugin recently announced a security update to address a critical vulnerability. This issue could potentially allow logged-in users to access forms submitted by others on a website. Jetpack, owned by Automattic—the maker of WordPress—offers a powerful suite of tools for website…
## Domnevna kraja podatkovnih baz indijskih podjetij: Kibernetske grožnje in nujni varnostni ukrepi Nedavno poročilo Dark Web Informer je razkrilo resno ranljivost indijskih podjetij, saj naj bi grožnja igralca dostopila do podatkov več kot 50 indijskih podjetij in te podatke objavila na [temnem spletu](https://cyberpress.org/dutch-dark-web-market/). Ta incident opozarja na nenehno prisotnost kibernetskih groženj, ki predstavljajo resno…
Understanding Software Supply Chain Attacks Cybersecurity researchers have recently identified vulnerabilities in popular programming ecosystems like PyPI, npm, RubyGems, NuGet, Dart Pub, and Rust Crates. These entry points can be exploited to stage software supply chain attacks. Attackers can leverage these entry points to execute malicious code when specific commands are run. Consequently, this poses…
What’s Happening in Cybersecurity This Week? Hey there! It’s time for your weekly roundup featuring all the latest happenings in cybersecurity. Trust me, you NEED to be in the loop this time. This week is packed with crucial updates that range from zero-day exploits and rogue AI activities to the FBI stepping into the crypto…