In a significant wave of cyber attacks, the Murdoc_Botnet, a variant of the notorious Mirai malware, is targeting AVTECH cameras and Huawei HG532 routers by exploiting specific known vulnerabilities. Researchers from Qualys have flagged this threat after identifying over 1,300 active IP addresses involved in the botnet campaign since July 2024. The Murdoc_Botnet leverages weaknesses in firmware with CVE-2024-7029 and
The recent data breach involving Fortinet, a leading cybersecurity firm renowned for its security appliances and software, has sent shockwaves through the industry. The exposure of dated configuration data and virtual private network (VPN) credentials for 15,474 Fortinet devices on the Dark Web has raised serious concerns about the potential repercussions for the affected organizations. The Breach and Its Immediate
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has recently imposed sanctions on a Chinese cybersecurity company, Sichuan Juxinhe Network Technology Co., LTD., and a Shanghai-based cyber actor, Yin Kecheng. These sanctions are a response to their involvement with Chinese cyber espionage groups Silk Typhoon and Salt Typhoon, which have been implicated in a significant hack compromising the
As the digital landscape continues to evolve at a rapid pace, the threats that endanger our online existence also grow in sophistication and persistence. Among these threats, password stealers represent a particularly insidious form of malware specifically designed to capture and relay authentication credentials and other sensitive information to cybercriminals. The covert operations of these programs mean they often go
Thunes, a prominent global financial technology company, has announced an innovative partnership with Hyperwallet, a PayPal service specializing in global payouts, to significantly enhance payout access for merchants across the Asia-Pacific (APAC) region. This strategic alliance aims to provide a secure, efficient, and real-time payment solution to over 450 million mobile wallets and bank accounts in countries such as Bangladesh,
In a significant security breach, Nominet, the UK’s top-level domain registry responsible for managing over 11 million domains including .uk, .wales, and .cymru, recently experienced a zero-day vulnerability in Ivanti VPN products. The incident, which came to light in late December, triggered concern among the cybersecurity community due to its potential for widespread impact. The zero-day attack was traced to
In mid-November 2024, a sophisticated cybersecurity threat emerged, targeting Fortinet FortiGate firewall devices with exposed management interfaces. This campaign involved unauthorized administrative access, leading to configuration changes and the creation of super-admin accounts. Cybersecurity firm Arctic Wolf analyzed this malicious activity, revealing that attackers utilized a zero-day vulnerability, indicating a high level of sophistication in their approach. The Initial Discovery
In a remarkable turn of events, Bitcoin’s price has surged, almost nearing the $100K mark, driven primarily by substantial investments from institutional stakeholders. Following a significant rebound earlier this week, Bitcoin’s price approached the critical $100K threshold, reaching around $99.7K on January 16. This bullish sentiment is not only limited to Bitcoin; it has positively influenced the altcoin market, resulting
In a recent discovery, Arctic Wolf researchers have identified a cyberattack campaign targeting Fortinet FortiGate firewall devices. This campaign, active since mid-November, is believed to exploit a zero-day vulnerability. The attackers have focused on firewall models with firmware versions ranging from 7.0.14 to 7.0.16, using exposed management interfaces to gain unauthorized access and perform various malicious actions. The discovery sheds
The digital landscape is increasingly fraught with sophisticated cyber threats, as attackers exploit trusted platforms like YouTube and Google search results to distribute malware. From leveraging the trust users have in these platforms to employing advanced techniques to bypass security measures, cybercriminals are gaining ground. This article delves into the intricacies of these nefarious campaigns, highlighting how cybercriminals deceive users
In a disconcerting development, North Carolina public schools were significantly affected by a data breach involving PowerSchool’s student information system, which has been in use since 2013. The breach has exposed confidential personal information, including social security numbers, medical records, and addresses of students and staff members nationwide. As a result, various districts in North Carolina, such as Pitt and
Phishing remains a significant cybersecurity threat, affecting businesses and individuals alike. Traditional phishing schemes typically involve deceptive emails or fake websites designed to collect personal information. While these attacks are still common, there has been a notable rise in more sophisticated techniques, such as pretexting scams. These scams specifically exploit social engineering tactics to manipulate victims into divulging sensitive data,
