‘BlazeStealer’ Python Malware Allows Complete Takeover of Developer Machines
Checkmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.
Cyber News, Cyber Threat TrendsCheckmarx researchers warn that BlazeStealer can exfiltrate information, steal passwords, disable PCs, and take over webcams.
Cyber News, Cyber Threat TrendsKaspersky said the primary focus of these actors is cyber-espionage and information gathering
Cyber News, Cyber Threat TrendsThe threat actor known as Lace Tempest has been linked to the exploitation of a zero-day flaw in SysAid IT support software in limited attacks, according to new findings from Microsoft. Lace Tempest, which is known for distributing the Cl0p ransomware, has in the past leveraged zero-day flaws in MOVEit Transfer and PaperCut servers. The […]
Cyber NewsA new malvertising campaign has been found to employ fake sites that masquerade as legitimate Windows news portal to propagate a malicious installer for a popular system profiling tool called CPU-Z. “This incident is a part of a larger malvertising campaign that targets other utilities like Notepad++, Citrix, and VNC Viewer as seen in its […]
Cyber NewsPeriodic outages began on November 8
Cyber News, Cyber Threat TrendsExtended internet of things (XIoT) security platform developer NetRise has released its Trace solution, which the company say allows users to identify and validate compromised and vulnerable third-party and proprietary software assets using an AI-powered semantic search. NetRise, based in Austin, Texas, said Trace introduces intent-driven searches to enhance vulnerability detection and validation in firmware […]
Cyber News, Cyber Threat TrendsWhile intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external entities, putting confidential data at risk of exposure to unauthorized parties. Wing Security (Wing), a SaaS security company, announced yesterday that their SaaS shadow IT discovery methods now include a solution that solves […]
Cyber NewsIranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. “The framework’s web component is written in the Go programming language,” Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday. The tool has been attributed to MuddyWater, an Iranian state-sponsored […]
Cyber NewsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.5), the issue relates to a denial-of-service (DoS) vulnerability that could be weaponized to launch massive DoS amplification […]
Cyber News