The malicious PyPI package, named “solana-py,” had 1,122 downloads before being removed. It mimicked the legitimate “solana” package with version numbers 0.34.3, 0.34.4, and 0.34.5.
Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have made it easier for cybercriminals to carry out sophisticated attacks, according to Darktrace. These subscription-based tools have lowered the barrier for less experienced attackers.
The vulnerability, identified as CVE-2024-38200, affects various versions of Office, including Microsoft Office 2016, Microsoft Office LTSC 2021, Microsoft 365 Apps, and Microsoft Office 2019.
The United Nations has unanimously passed its first cybercrime treaty, initially proposed by Russia. This treaty establishes a global legal framework for addressing cybercrime and data access.
The first vulnerability, CVE-2024-42219, allows bypassing inter-process communication protections and impersonation of trusted 1Password integrations. The second, CVE-2024-42218, lets attackers bypass security mechanisms using outdated app versions.
he vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release.
Gaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict.
The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine.
The initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features.
A comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors.