GhostRace – New Data Leak Vulnerability Affects Modern CPUs
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution.Dubbed GhostRace (CVE-2024-2193), it is a variation...
Third-Party ChatGPT Plugins Could Lead to Account Takeovers
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain...
Google Introduces Enhanced Real-Time URL Protection for Chrome Users
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites."The...
Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus...
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation.Mikhail...
Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with...
3 Things CISOs Achieve with Cato
Being a CISO is a balancing act: ensuring organizations are secure without compromising users' productivity. This requires taking multiple elements into consideration, like cost,...
RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands."The Program...
Ande Loader Malware Targets Manufacturing Sector in North America
The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like...
DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack
A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers."During...
