Tag: security
Several ServiceNow flaws are being linked together to attack companies and organizations
Hackers have been seen linking multiple ServiceNow vulnerabilities to target companies and organizations, and steal user login credentials. Cybersecurity researchers from Resecurity spotted an input validation vulnerability, which allowed threat actors to run remote code execution (RCE) attacks on multiple versions of the Now Platform. The vulnerability is now tracked…
Read More
Chinese hackers target Mac users with boosted Macma malware
Chinese cybercriminals known as Daggerfly (AKA Evasive Panda or Bronze Highland) have been observed targeting macOS users with an updated version of their proprietary malware. A report from Symantec claims the new variant was most likely introduced since older variants got too exposed. The malware in question is called Macma.…
Read More
Hamster Kombat players targeted with malware attacks — millions of gamers potentially at risk
Cybercriminals are tapping into the growing popularity of the Hamster Kombat mobile game to infect people with malware, adware, and infostealers, experts have warned. Researchers from ESET claim to have observed activity against both Android and Windows users, with the game boasting more than 250 million active participants. Hamster Kombat…
Read More
Scammers are flooding the internet with CrowdStrike typosquatting scams and fake repair manuals
Hackers are using the fallout from the recent CrowdStrike incident to target people looking for a fix with malware – and experts have warned some are quite creative in their campaigns, since on the surface it really seems as if they’re helping fix the problem. Crowdstrike says it observed a…
Read More
Ecommerce sites targeted by Magento payment system hack
A creative technique involving so-called swap files is being used to deploy persistent credit card skimmers on compromised Magento ecommerce sites, a new report from cybersecurity researchers Sucuri has warned. “When files are edited directly via SSH the server will create a temporary ‘swap’ version in case the editor crashes,…
Read More
Microsoft Defender flaws attacked to spread dangerous malware
Cybercriminals are persistently looking to try and exploit a vulnerability in Microsoft Defender SmartScreen to deliver all kinds of malware and infostealers. FortiGuard Labs has reported observing a new campaign targeting victims in Spain, Thailand, and the US looking to drop ARC Stealer, Lumma, and Meduza. The flaw allows the…
Read More