A new cyberattack campaign dubbed “Elusive Comet” is exploiting Zoom’s remote control feature through social engineering to infiltrate the systems of cryptocurrency traders and venture capitalists, enabling malware deployment and data theft.
Initial Access Brokers are changing tactics, selling low-cost access to more targets. Learn how this shift increases cyber risks and what defenses to implement.
Initial Access Brokers are changing tactics, selling low-cost access to more targets. Learn how this shift increases cyber risks and what defenses to implement.
Protect yourself this tax season: Learn how hackers use tax-themed phishing emails to steal data and deploy malware.
Medusa ransomware is now using a malicious driver to bypass security tools and disable EDR systems. Learn how this advanced technique works and how to protect your organization.
Medusa ransomware is now using a malicious driver to bypass security tools and disable EDR systems. Learn how this advanced technique works and how to protect your organization.
Discover how malicious browser extensions use polymorphic techniques to impersonate legitimate add-ons, posing serious cybersecurity risks.
Critical Microsoft Outlook vulnerability allows attackers to bypass security using the ‘Moniker Link’ exploit.
Cybercriminals are exploiting Webflow’s trusted infrastructure using fake CAPTCHA screens to deliver phishing attacks.
Beware of a new USPS text scam using malicious PDF links to bypass security filters. Learn how cybercriminals exploit trusted platforms and how to protect yourself from phishing attacks
Discover why the U.S. Navy is restricting DeepSeek AI due to cybersecurity concerns, including data security risks, misinformation, and adversarial exploitation.
Urgent advisory on the Fortigate SSL VPN breach: Learn how to protect your organization by transitioning to secure, scalable cloud-based remote access solutions and eliminate risks associated with legacy VPN systems.
FireScam malware disguises itself as Telegram, stealing sensitive data from Android users. Learn how to stay protected.
Protect your text messages from cyber threats with these essential tips, including encryption, avoiding smishing, and securing 2FA.
Learn how over 2,000 Palo Alto Networks firewalls were hacked using critical zero-day vulnerabilities and how to stay protected
Learn how over 2,000 Palo Alto Networks firewalls were hacked using critical zero-day vulnerabilities and how to stay protected
Discover how AndroxGh0st malware exploits IoT device vulnerabilities, creating powerful botnets for cyberattacks, and learn steps to protect your devices.
Learn about Midnight Blizzard’s spear-phishing campaign using malicious RDP files and discover practical tips to stay protected.
Learn how to protect your Git repositories and cloud credentials following the massive global operation called EmeraldWhale.
Learn how to protect yourself from evolving Session Hijacking threats with expert tips on secure connections, encryption, 2FA, and more.
Learn about the cybersecurity risks of using in-flight Wi-Fi and discover essential tips to protect your data while traveling, from VPNs to device updates.
Learn about critical vulnerabilities in Veeam Backup & Replication and SonicWall SonicOS, including active exploits. Apply patches and follow key security measures to protect your systems.
Learn how to protect your organization from the new Qilin ransomware attack, which exploits VPN vulnerabilities. Discover essential tips for strengthening your cybersecurity defenses and preventing ransomware threats
Discover the extensive impact of the NPD breach that exposed 3 billion personal records, underscoring significant privacy risks and highlighting essential steps for safeguarding personal information against identity theft and cyber fraud.
Learn about the CrowdStrike global outage, its potential causes, and essential risk mitigation strategies to protect your organization from similar cyber threats.
A unique ransomware scheme is seeking to extort money from Ticketmaster to prevent the release of printable tickets and concert chaos.
Learn about the critical OpenSSH vulnerability CVE-2023-38408 that allows remote code execution via the ssh-agent’s forwarding feature. Discover immediate steps to protect your systems, including upgrading to OpenSSH 9.3p2, restricting PKCS#11 providers, and enhancing security measures.
May 30th, 2024: Learn how to protect yourself after the Ticketmaster data breach affecting 60 million customers. Discover immediate steps, identity protection tips, and long-term security practices to safeguard your personal information.
Learn how to protect your systems from ransomware attacks by understanding the role of remote-access tools and implementing effective cybersecurity strategies.
Explore the implications of the Dropbox Sign Breach incident, emphasizing the critical role of cybersecurity measures in defending against API key and OAuth token theft. It discusses the methods used by attackers, offers practical insights for safeguarding data, and underscores the ongoing need for vigilance in today’s interconnected digital landscape.
Lessons learned from the Change Healthcare data breach can teach us immediate actions we can take to reduce the chance of a breach in our own companies, networks, and the loss of the data entrusted to us.
ArcaneDoor delivers malware via zero-day exploits to CISCO ASA and Firepower network security devices. Patches are available and need to be applied once system integrity is verified.
The recent sophisticated breach of Microsoft Executive emails is a stark reminder that all of us can be targeted with phishing and social engineering attacks and need to prepare by training, testing, and governing employees on Cyber Literacy.
CyberNews broke a story detailing a collection of more than 26 Billion credentials and other private data in what security researchers are called a Mega-Breach.
Hackers (and jilted lovers) are transferring money to themselves using your phone’s cash app (Paypal, Zelle, Cash App) to transfer funds out of your bank account.
P2P payment scams are escalating, exposing people to advanced social engineering tactics resulting in significant financial losses.
Hackers are hi-jacking websites and hiding malware in Google Ads to target unsuspecting users with malware. Users simply visit the formerly safe and always legitimate looking websites and are presented with fake downloads, malware, and other nasty surprises.
CISCO has announced and released patches for a critical bug in their product that could allow Internet hackers to create accounts remotely on CISCO devices via the HTTP management application. Patches have been released and workarounds documented for unpatched systems no longer supported. Take action to patch now.
Google’s efficient and compression based graphics file format WebP has been found to contain a critical zero-day vulnerability that can lead to a complete compromise of a computer that renders a malicious WebP graphics file on any website hosting such malware content. This could be anywhere. Most browser have been patched against this vulnerability, but may not have restarted yet to take effect. Please check and force reboots or browser restarts as soon as possible.
Hackers have been using EvilProxy to capture authenticated session tokens from unsuspecting phishing email victims.
Exploiting a flaw in how the app handles communication with external tenants gives threat actors an easy way to send malicious files from a trusted source to an organization’s employees. Microsoft believes this is a feature and no patch will be provided. This delivery method bi-passes traditional payload delivery security controls.
Virus warning attacks have plagued computer users for years. Recently, hackers have figured out how to exploit these attacks in your Google Chrome (and possibly other) browsers, seizing control of your browser and scaring you into calling fake customer support hotlines to extort you for money.
Multi-factor authentication can be one of the best protect measures companies can implement on their critical accounts. However, not all methods of MFA are equal and some, like SMS, carry inherent risks and should not be used.
There is a dark side to ChatGPT. Hacking tutorials abound on YouTube showing unskilled hackers how to hack with ChatGPT. ChatGPT can create convincing phishing attacks in a language of your choice, writing software code for them, which through trial and error can transform into novel and effective malware.
ConnectiWise Recover and R1Soft Server Backup software both leverage the ZK Framework. As such they need patching due to a vulnerability that can lead to remote code execution and potentially privilege escalation.
OpenSSL releases vulnerability patches containing 8 bug fixes in its latest releases available across three release train binaries. The criticality of bugs range from high to moderate. They all relate to memory handling issues stemming from the fact OpenSSL was written in C.
Over the last few months, CyberHoot has learned more and researched more opinions on Password Managers concerning the latest LastPass security breach. We have felt for some time we needed to migrate to a new solution. However, what criteria would we use and recommend in order to not hope from the frying pan into the fire? This article is our attempt to summarize how you should choose your replacement password manager for your company or yourself individually.
On Tues. Jan. 10th Microsoft and Adobe both released critical patches that should be applied to your environment with priority. Both are linked to remotely exploitable, privilege escalation vulnerabilities that could be exploited by hackers.
In August, LastPass was breached but they claimed that no client data was stolen only source code. In late December 2022 they updated their stance stating that encrypted client vaults were stolen but that default password length requirements protected most users. CyberHoot recommends you change your master password.
If you run Linux Kernel 5.15 or later you are potential at risk (10 out of 10) vulnerability in the ksmbd kernel module added in some versions of linux kernels or later. Perform an assessment asap and patch your kernel or remove the module if you’re impacted.
