Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcoming…
Cibercriminosos ligados à Rússia estão invadindo contas de oficiais governamentais, mas não através de ataques complexos e quebra de encriptação, mas engenharia social simples. A inteligência e a segurança militar dos Países Baixos (AIVD e MIVD) emitiram comunicados alertando sob…
Researchers at AllSecure have revealed how North Korean hackers from the Lazarus Group used a fake LinkedIn job interview and deepfake technology to target their CEO.
Uma campanha maliciosa identificada recentemente está utilizando o keylogger VIP para roubar informações sensíveis de usuários por meio de arquivos que escondem código malicioso utilizando esteganografia. A técnica permite ocultar componentes do malware dentro de arquivos aparent…
CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. [...]
Uma campanha maliciosa está utilizando uma falsa atualização do Google Meet para distribuir malware capaz de comprometer computadores. O ataque ocorre por meio de páginas fraudulentas que exibem mensagens indicando que o usuário precisa instalar uma atualização para continuar uti…
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in …
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. [...]
Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 (CVSS score: 7.5) - A serve…
Dutch intelligence warns Russian hackers are hijacking Signal and WhatsApp accounts using fake support bots and verification code scams targeting officials and journalists.
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. [...]
Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days. [...]
A Microsoft emitiu um alerta sobre uma nova variante do ataque ClickFix que está evadindo a detecção ao instruir as vítimas a usar o Windows Terminal em vez do tradicional diálogo “Executar”. Observada pela primeira vez em fevereiro, a campanha se passa por páginas de CAPTCHA ou …
O grupo de extorsão ShinyHunters assumiu a responsabilidade por uma campanha de roubo de dados que visa instâncias da plataforma Experience Cloud, da Salesforce. A quadrilha afirma ter comprometido entre 300 e 400 empresas, muitas delas do setor de cibersegurança, explorando conf…
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages. [...]
A fresh cyberattack campaign blends malvertising with a ClickFix-style technique that highlights risky behavior with AI coding assistants and command-line interfaces.
Ericsson Inc., the U.S. subsidiary of Swedish networking and telecommunications giant Ericsson, says attackers have stolen data belonging to over 15,000 employees and customers after hacking one of its service providers. [...]
Um relatório do departamento de inteligência de ameaças da Microsoft fez um alerta para o aumento do uso de ferramentas de inteligência artificial (IA) para acelerar ataques digitais. Gerar senhas com IA é seguro? O que fazer e o que NUNCA fazer Como hackers manipulam IAs par…
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package, named "@openclaw-ai/openclawai," was uploaded to the registry by a user…
