4 Critical, Known Exploited Vulnerabilities Added to KEV Catalog
CISA added 4 new vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalogue, citing evidence of active exploitation.
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gapRead More »⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
New Interlock RAT Variant Distributed via FileFix Attacks
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.
Louis Vuitton Data Breach Hits Customers in Several Countries
Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach. The post Louis Vuitton Data Breach Hits Customers in Several Countries appeared first on SecurityWeek.
Forensic journey: Breaking down the UserAssist artifact structure
Introduction As members of the Global Emergency Response Team (GERT), we work with forensic artifacts on a daily basis to conduct investigations, and one of the most valuable artifacts is UserAssist. It contains useful execution information that helps us determine and track adversarial activities, and reveal malware samples. However, UserAssistRead More »Forensic journey: Breaking down the UserAssist artifact structure
Hackers Inject Malware Into Gravity Forms WordPress Plugin
Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply chain attack. The post Hackers Inject Malware Into Gravity Forms WordPress Plugin appeared first on SecurityWeek.
CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center
India’s Central Bureau of Investigation (CBI) has announced that it has taken steps to dismantle what it said was a transnational cybercrime syndicate that carried out “sophisticated” tech support scams targeting citizens of Australia and the United Kingdom. The fraudulent scheme is estimated to have led to losses worth moreRead More »CBI Shuts Down £390K U.K. Tech Support Scam, Arrests Key Operatives in Noida Call Center
eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Cybersecurity researchers have discovered a new hacking technique that exploits weaknesses in the eSIM technology used in modern smartphones, exposing users to severe risks. The issues impact the Kigen eUICC card. According to the Irish company’s website, more than two billion SIMs in IoT devices have been enabled as ofRead More »eSIM Vulnerability in Kigen’s eUICC Cards Exposes Billions of IoT Devices to Malicious Attacks
Thirteen Romanians Arrested for Phishing the UK’s Tax Service
Investigators from HMRC joined more than 100 Romanian police officers to arrest the 13 Romanian suspects in the counties of Ilfov, Giurgiu and Calarasi. The post Thirteen Romanians Arrested for Phishing the UK’s Tax Service appeared first on SecurityWeek.