Well, there goes American spycraft. CISA Issues Urgent Warning Over Exploited Vulnerabilities in Signal Clone Used by Federal Agencies
Posted inCybersecurity News

Well, there goes American spycraft. CISA Issues Urgent Warning Over Exploited Vulnerabilities in Signal Clone Used by Federal Agencies

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive following the active exploitation of critical security vulnerabilities in TeleMessage TM SGNL, a secure messaging application modeled after Signal and widely used by federal agencies and national security personnel.
Spanish Authorities Arrest Suspected Hackers Behind Major Data Breach Targeting Politicians and Journalists.
Posted inCybersecurity News

Spanish Authorities Arrest Suspected Hackers Behind Major Data Breach Targeting Politicians and Journalists.

Spanish police have apprehended two individuals, aged 18 and 19, in connection with a sophisticated cyberattack that targeted senior government officials and prominent journalists. The arrests took place in the coastal town of Arinaga, Gran Canaria, following an extensive investigation into the unauthorized disclosure of sensitive personal data.
Kim Jong Un hacking
Posted inCybersecurity News

Exploring a New KimJongRAT Stealer Variant and Its PowerShell Implementation

Security researchers have identified a new and sophisticated variant of the KimJongRAT information stealer, notable for its advanced evasion techniques, robust persistence mechanisms, and a novel PowerShell-based implementation. This latest evolution of the KimJongRAT malware family, which first emerged in 2013, demonstrates a heightened focus on stealing both general system data and cryptocurrency assets, leveraging multi-stage delivery chains and legitimate infrastructure to evade detection.
Newly identified APT group, NightEagle, observed exploiting zero-day vulnerabilty in Microsoft Exchange to target Chinese military and tech sectors.
Posted inCybersecurity News

Newly identified APT group, NightEagle, observed exploiting zero-day vulnerabilty in Microsoft Exchange to target Chinese military and tech sectors.

A newly identified advanced persistent threat (APT) group, dubbed NightEagle (also known as APT-Q-95), has been observed exploiting a previously undocumented zero-day vulnerability in Microsoft Exchange servers. The group’s campaign, active since at least 2023, has primarily targeted China’s military, defense, and high-technology sectors, including organizations involved in semiconductor manufacturing, quantum technology, and artificial intelligence research.
Unlocking Roku’s Secret Menus: Hidden Features and How to Access Them
Posted inCybersecurity News

Unlocking Roku’s Secret Menus: Hidden Features and How to Access Them

Security be damned. Did you know your Roku streaming device is packed with hidden menus and secret screens? These advanced features are tucked away behind special remote-control codes, giving you access to powerful diagnostic tools, developer options, and customization settings not found in the standard Roku interface. Here’s everything you need to know about Roku’s secret menus—and how to unlock them.
FBI says recent breach of US telecommunications infrastructure by China’s Salt Typhoon is largely contained with affected networks.
Posted inCybersecurity News

FBI says recent breach of US telecommunications infrastructure by China’s Salt Typhoon is largely contained with affected networks.

The FBI’s top cyber official announced this week that the Chinese state-backed hacking group known as Salt Typhoon, responsible for a significant breach of U.S. telecommunications infrastructure, is now “largely contained” within affected networks. While the immediate threat has been mitigated, federal authorities caution that the risk posed by the group remains unresolved.
Researchers reveal the existence of extensive brand-spoofing campaigns that leverage thousands of fraudulent websites impersonating known brands.
Posted inCybersecurity News

Researchers reveal the existence of extensive brand-spoofing campaigns that leverage thousands of fraudulent websites impersonating known brands.

Recent investigations by cybersecurity firm Silent Push and VPN provider NordVPN have revealed the existence of extensive brand-spoofing campaigns that leverage thousands of fraudulent websites to impersonate some of the world’s most recognized brands. These operations are designed to deceive consumers, steal sensitive information, and facilitate financial fraud on a global scale.