A new command-and-control (C2) infrastructure called DarkBeatC2 has been attributed to the Iranian threat actor known as MuddyWater, making it the latest such tool in the group's arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go.
Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are exploiting to deliver malware payloads on vulnerable systems.
Palo Alto Networks released security updates to address several high-severity vulnerabilities in its PAN-OS operating system, including CVE-2024-3385, CVE-2024-3384, and CVE-2024-3382.
Attackers are adept at identifying and exploiting the most cost-effective methods of compromise, highlighting the critical need for organizations to implement asset identification and understand assets’ security posture in relation to the network.
CISA is taking an active role in collaborating with private industry partners to respond to this incident, especially as it relates to impacted critical infrastructure sector organizations.
In recent months, Sucuri researchers encountered a number of cases where attackers inject malware into website software that allows for custom or miscellaneous code, such as the Magento admin panel or WordPress plugins.
In 2022, Earth Hundun began using the latest version of Waterbear (aka Deuterbear), which introduces several changes, including anti-memory-scanning measures and new decryption routines, that distinguish it from the original Waterbear.
An ongoing malvertising campaign is targeting IT administrators looking to download system utilities such as PuTTY (a free SSH and Telnet client) and FileZilla (a free cross-platform FTP application).
Users started noticing on Monday that X’s programmers implemented a rule on its iOS app that auto-changed Twitter.com links that appeared in Xeets (tweets) to X.com links.
Researchers have demonstrated the “first native Spectre v2 exploit” for a new speculative execution side-channel flaw that impacts Linux systems running on many modern Intel processors.