Category: IT security News

Clever Phishing Campaign Uses Google Drawings and WhatsApp Links for Cyberattacks In the constantly evolving landscape of cyber threats, researchers have uncovered a sophisticated phishing campaign that employs unconventional tactics to deceive users. This novel approach leverages popular platforms like Google Drawings and WhatsApp to orchestrate attacks that evade detection and lure unsuspecting individuals into…

Microsoft to Address Windows Update Vulnerabilities Microsoft recently announced that it is in the process of developing security updates to counter two vulnerabilities that could potentially be exploited for downgrading attacks on the Windows update framework. These vulnerabilities could allow threat actors to substitute newer versions of Windows files with older ones, posing a significant…

The Immersive Experience Happening This September in Las Vegas! In an era of relentless cybersecurity threats and rapid technological advancement, staying ahead of the curve is not just a necessity, but critical. SANS Institute, the premier global authority in cybersecurity training, is thrilled to announce Network Security 2024, a landmark event designed to empower cybersecurity…

The High Stakes of Ransomware: BlackSuit Demands $500 Million In the high-stakes world of ransomware, the BlackSuit strain has emerged as a formidable threat, demanding exorbitant amounts of money from its victims. Reports from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) indicate that BlackSuit has demanded as…

Critical Security Flaw in Progress Software WhatsUp Gold Under Attack A critical security flaw has been identified in Progress Software’s WhatsUp Gold, a popular network monitoring application. This vulnerability, known as CVE-2024-4885 and with a CVSS score of 9.8, poses a severe risk as it allows for unauthenticated remote code execution. This means that attackers…

Cybersecurity Researchers Unveil Novel Linux Kernel Exploitation Technique Cybersecurity researchers have uncovered a groundbreaking Linux kernel exploitation technique known as SLUBStick. This innovative method has the potential to elevate a limited heap vulnerability to an arbitrary memory read-and-write primitive, posing a serious threat to system security. The Intricacies of SLUBStick The technique relies on a…

The Threat of GoGra: A New Backdoor Targeting Media Organizations in South Asia In November 2023, an unnamed media organization in South Asia fell victim to a sophisticated cyberattack utilizing a previously undocumented backdoor named GoGra. The malicious tool, written in Go programming language, leverages the Microsoft Graph API to communicate with a command-and-control (C&C)…

CrowdStrike’s Root Cause Analysis of Falcon Sensor Software Update Crash Cybersecurity firm CrowdStrike recently documented a root cause analysis elucidating the unfortunate Falcon Sensor software update debacle that caused widespread havoc on numerous Windows devices worldwide. The mishap, dubbed the “Channel File 291” incident in their Preliminary Post Incident Review (PIR), has been attributed to…

Cybersecurity Researchers Expose New Trickery by Chameleon Android Banking Trojan In an ongoing battle against cyber threats, cybersecurity researchers have unearthed a new technique employed by threat actors associated with the Chameleon Android banking trojan. This strategy is aimed at deceiving users in Canada, as the trojan disguises itself as a Customer Relationship Management (CRM)…

Apple Enhances macOS Security with Gatekeeper Update On Tuesday, Apple unveiled a significant update to its advanced macOS version, aiming to bolster security measures by tightening Gatekeeper protections. Gatekeeper plays a pivotal role in safeguarding macOS, allowing only verified applications to run on the system. This security feature becomes particularly active when users attempt to…