Helga Labus
US organizations targeted with emails delivering NetSupport RAT
Employees at US-based organizations are being targeted with emails delivering NetSupport RAT malware via “nuanced” exploitation and by using an advanced detection …
Attackers are targeting financial departments with SmokeLoader malware
Financially motivated hackers have been leveraging SmokeLoader malware in a series of phishing campaigns predominantly targeting Ukrainian government and administration …
Attackers are exploiting JetBrains TeamCity flaw to deliver a variety of malware
Attackers are exploiting the recently patched JetBrains TeamCity auth bypass vulnerability (CVE-2024-27198) to deliver ransomware, cryptominers and remote access trojans …
PoC exploit for critical Fortra FileCatalyst MFT vulnerability released (CVE-2024-25153)
Proof-of-concept (PoC) exploit code for a critical RCE vulnerability (CVE-2024-25153) in Fortra FileCatalyst MFT solution has been published. About CVE-2024-25153 Fortra …
Fujitsu finds malware on company systems, investigates possible data breach
Fujitsu Limited, the largest Japanese IT services provider, has announced that several of the company’s computers have been compromised with malware, leading to a …
Nissan breach exposed data of 100,000 individuals
Nissan Oceania has confirmed that the data breach it suffered in December 2023 affected around 100,000 individuals and has begun notifying them. First response In early …
43 million workers potentially affected in France Travail data breach
French national unemployment agency France Travail (formerly Pôle emploi) and Cap emploi, a government employment service for people with disabilities, have suffered a data …
Hackers leverage 1-day vulnerabilities to deliver custom Linux malware
A financially motivated threat actor is using known vulnerabilities to target public-facing services and deliver custom malware to unpatched Windows and Linux systems. Among …
Tax-related scams escalate as filing deadline approaches
As the April 15, 2024 tax filing deadline approaches in the US, some old and some new tax-related scams are targeting both taxpayers and tax professionals. Tax-related scams …
Immediate AI risks and tomorrow’s dangers
“At the most basic level, AI has given malicious attackers superpowers,” Mackenzie Jackson, developer and security advocate at GitGuardian, told the audience last …
VMware patches critical flaws in ESXi, Workstation, Fusion and Cloud Foundation
VMware has fixed four vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255) in ESXi, Workstation, Fusion and Cloud Foundation, some of which could …
Phishers target FCC, crypto holders via fake Okta SSO pages
A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users …