Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems

A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target Apple macOS systems. The findings come from SentinelOne, which observed an uptick in the number of Geacon payloads appearing on VirusTotal in recent months. “While some of these are likely red-team operations, others bear the […]

Windows 11 is showing its first signs of Rust

Some important changes are heading to Windows which should make the operating system quite a bit more secure than it is now. At the end of April, Microsoft’s VP of OS Security and Enterprise referenced upcoming changes to Windows involving the programming language Rust. Rust matches the performance of languages like C and C++ while […]

Update now! Ruckus vulnerability added to CISA’s list of actively exploited bugs

Along with six older vulnerabilities, the Cybersecurity and Infrastructure Agency (CISA) has added a vulnerability in multiple Ruckus wireless products to the Known Exploited Vulnerabilities Catalog. This means that  Federal Civilian Executive Branch (FCEB) agencies need to remediate these vulnerabilities by June 2, 2023. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer […]

CISOs: How to improve cybersecurity in an ever-changing threat landscape

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  The digital landscape is always changing to keep up with a constantly evolving world, and bad actors are also adapting. For every new […]

Facebook glitch sent unintended friend requests to users

By Habiba Rashid Meta swiftly acknowledged the Facebook glitch and issued an apology, citing it as a consequence of a recent app update. This is a post from HackRead.com Read the original post: Facebook glitch sent unintended friend requests to users

Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks

Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week. The 11 vulnerabilities allow “remote code execution and

Why High Tech Companies Struggle with SaaS Security

It’s easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world’s youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues their entire lives. Perhaps it is due to their […]

New Ransomware Gang RA Group Hits U.S. and South Korean Organizations

A new ransomware group known as RA Group has become the latest threat actor to leverage the leaked Babuk ransomware source code to spawn its own locker variant. The cybercriminal gang, which is said to have been operating since at least April 22, 2023, is rapidly expanding its operations, according to cybersecurity firm Cisco Talos. “To date, […]

New ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in a report shared with The Hacker News. “This trend is especially noteworthy given the fact […]

Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign

Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the activity under its insect-themed moniker Lancefly, with the attacks […]