iSecurity Social

Exciting news! 🌐 Follow us @iSecurity on X (formerly Twitter), your go-to channel for cutting-edge #CyberSecurity insights, expert tips, and the latest in digital defense. Follow @iSecurity and stay ahead in the world of #InfoSec! 🔐 Link: https://lnkd.in/g-7YUmzX

New TorNet Backdoor Abusing Windows Schedule Task to Deliver Malware: A financially motivated threat actor has been linked to a sophisticated cyber campaign that has been targeting users in Poland and Germany since July 2024.  The effort uses phishing emails to spread a range of malware payloads, including Agent Tesla, Snake Keylogger, and an undocumented backdoor called TorNet.  This backdoor leverages Windows Scheduled Tasks for […] The post New TorNet Backdoor Abusing Windows Schedule Task to Deliver Malware appeared first on Cyber Security News. #CyberSecurity #InfoSec

Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies : Cybersecurity researchers have exposed critical vulnerabilities in a telecom network that allowed unauthorized access to sensitive data and control over 3,000 companies.  The research revealed obvious vulnerabilities in the network’s backend APIs, authentication systems, and Know Your Customer (KYC) processes, raising serious concerns about the state of cybersecurity in telecommunications.  How did the Exploit begin? […] The post Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies  appeared first on Cyber Security News. #CyberSecurity #InfoSec

Hackers Stolen $85 Million Worth of Cryptocurrency from Phemex: Phemex, a cryptocurrency exchange based in Singapore, suffered a significant cyberattack that resulted in the theft of $85 million worth of digital assets.  The platform’s hot wallets, which are linked to the internet for real-time transactions, were the primary target of the hack. These wallets are more susceptible to intrusions than cold wallets, which stay […] The post Hackers Stolen $85 Million Worth of Cryptocurrency from Phemex appeared first on Cyber Security News. #CyberSecurity #InfoSec

EU Sanctioned Three Russian Hackers for Attacking Govt Agencies : The European Union today imposed sanctions on three Russian military intelligence officers for their involvement in a series of cyberattacks targeting Estonian government agencies in 2020.  The individuals, identified as Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov, are members of Russia’s General Staff of the Armed Forces (GRU) Unit 29155.  This covert unit […] The post EU Sanctioned Three Russian Hackers for Attacking Govt Agencies  appeared first on Cyber Security News. #CyberSecurity #InfoSec

NVIDIA GPU Display Driver Vulnerabilities Let Attackers Trigger DoS: NVIDIA has issued a critical software security update for its GPU Display Driver, addressing multiple vulnerabilities that could potentially expose systems to denial-of-service (DoS) attacks, data tampering, and information disclosure.  This update impacts users across Windows and Linux platforms and is essential for maintaining system security. NVIDIA GPU Display Driver Vulnerabilities The update targets five […] The post NVIDIA GPU Display Driver Vulnerabilities Let Attackers Trigger DoS appeared first on Cyber Security News. #CyberSecurity #InfoSec

Hackers Exploit Outdated Electricity Controller Using Flipper Zero to Disconnect Power Supply: Researchers Fabian Bräunlein and Luca Melette demonstrated how outdated Radio Ripple Control systems, used to manage up to 60 gigawatts (GW) of electricity, could be exploited by attackers to disrupt power supply on a massive scale.  Their findings, presented at the Chaos Computer Club (CCC) conference, have raised alarms about the fragility of Europe’s energy […] The post Hackers Exploit Outdated Electricity Controller Using Flipper Zero to Disconnect Power Supply appeared first on Cyber Security News. #CyberSecurity #InfoSec

Destroying EDR Service Executable File by Using a Combination of Windows Symbolic Links: A new method of exploiting the “Bring Your Own Vulnerable Driver” (BYOVD) technique has emerged, combining it with Windows symbolic links to elevate its effectiveness. This innovative approach exploits drivers with file-writing capabilities, bypassing the need to rely solely on vulnerable drivers listed in Microsoft’s blocklist.  The BYOVD technique involves attackers leveraging legitimate but vulnerable […] The post Destroying EDR Service Executable File by Using a Combination of Windows Symbolic Links appeared first on Cyber Security News. #CyberSecurity #InfoSec

New Attack Mimics USPS To Deliver Malicious PDF In To Attack Mobile Devices: A sophisticated phishing campaign has been uncovered, leveraging malicious PDFs disguised as official U.S. Postal Service (USPS) communications to target mobile users. This attack, identified by Zimperium’s zLabs team, employs a novel obfuscation technique to bypass traditional endpoint security measures and steal sensitive data, including credentials and payment information. The campaign begins with SMS messages […] The post New Attack Mimics USPS To Deliver Malicious PDF In To Attack Mobile Devices appeared first on Cyber Security News. #CyberSecurity #InfoSec

Hackers Using Hidden Text Salting Technique To Confuse Spam Filters & Evade Detection: Cybercriminals are increasingly employing a technique known as “hidden text salting” to bypass spam filters and evade detection. This method, which saw a surge in usage during the latter half of 2024, poses a significant threat to organizations relying on traditional email defense mechanisms. Hidden text salting, also referred to as “poisoning,” is a deceptively […] The post Hackers Using Hidden Text Salting Technique To Confuse Spam Filters & Evade Detection appeared first on Cyber Security News. #CyberSecurity #InfoSec