Over a million domains vulnerable to Sitting Ducks attack A recent joint analysis by Infoblox and Eclypsium has uncovered a looming threat in the cybersecurity landscape – the Sitting Ducks attack. This potent attack vector targets vulnerabilities in the domain name system (DNS) and is currently being leveraged by more than a dozen Russian-affiliated cybercriminal…
The Stack Exchange Platform Abused for Malicious Intent In the ever-evolving landscape of cybersecurity threats, a new scheme has emerged that targets developers on the popular Q&A platform, Stack Exchange. This platform, utilized by many developers seeking solutions to coding queries, has been exploited by threat actors to lure unsuspecting users into downloading fake Python…
Unveiling the BingoMod Android RAT In the ever-evolving landscape of cybersecurity threats, a new Android Remote Access Trojan (RAT) named BingoMod has emerged as a significant concern. Uncovered by cybersecurity researchers, this malicious software not only facilitates fraudulent money transfers from compromised devices but also takes the extreme measure of wiping them clean to remove…
Understanding Obfuscation in IT Security In the realm of IT security, obfuscation is a double-edged sword. This technique involves deliberately complicating information to make it harder to interpret, with the goal of protecting software code. However, it is not only cybersecurity professionals who employ obfuscation; malware authors also use it to cloak malicious code and…
Google Chrome Bolsters Security with App-Bound Encryption Google is not sitting idly by when it comes to protecting its users, especially on Windows systems. The tech giant is rolling out a new security feature for its Chrome browser called app-bound encryption to combat potential cookie theft by malware. This encryption method adds an extra layer…
Odkrivanje malwareja AcidPour na Linux operacijskih sistemih V zadnjih dneh se je na Linux operacijskih sistemih pojavilo novo zlonamerno programsko orodje, imenovano AcidPour. To odkritje je močno sprožilo pozornost IT strokovnjakov in sistemskih administratorjev zaradi njegove sposobnosti uničenja podatkov. AcidPour lahko nevratno izbriše vse podatke na prizadetem sistemu, kar predstavlja izjemno tveganje za vse vrste…
Facebook Users Targeted by Scam E-Commerce Network In a recent discovery made by Recorded Future’s Payment Fraud Intelligence team on April 17, 2024, a sophisticated scam e-commerce network targeting Facebook users has been unearthed. This fraudulent operation, now known as ERIAKOS, relies on a network of hundreds of counterfeit websites to dupe unsuspecting victims into…
ChatGPT razvit od Metae izkazuje zaskrbljujoče sposobnosti za sofisticirane računalniške napade V zadnjem času je bila umetna inteligenca hitro napreduječa tehnologija, ki prinaša številne prednosti. Vendar pa se z vsakim napredkom pojavljajo tudi nove ranljivosti. Ena izmed najnovejših skrbi izhaja iz razvoja naprednih sposobnosti ChatGPT, ki ga je razvila Meta. Čeprav so ti napredki fascinantni,…
Certificate Authority DigiCert to Revoke SSL/TLS Certificates Certificate authority (CA) DigiCert has recently issued a warning regarding a subset of SSL/TLS certificates that are at risk of being revoked within the next 24 hours. The reason behind this decision is an oversight in the verification process used to confirm if a digital certificate has been…
Emerging Threat Campaign Targets Software Developers In the world of cybersecurity, new threats are always on the horizon, and the latest one comes in the form of an ongoing malware campaign targeting software developers. The threat actors behind this campaign, known as DEV#POPPER, have upped their game by showcasing new malware and tactics, which now…