Security News
Attackers Hijack Google Advertiser Accounts to Spread Malware
In an especially brazen tactic, multiple threat actors are impersonating Google Ads login pages to trick advertisers into handing over their account credentials.The attackers — from regions as geographically dispersed as South America, Asia, and Eastern Europe...
CISA: Second BeyondTrust Vulnerability Added to KEV Catalog
NEWS BRIEFThe Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to patch a command injection flaw tracked as CVE-2024-12686, otherwise known as BT24-11, and has added it to the Known Exploited Vulnerabilities (KEV) Catalog.The...
CISA Launches Playbook to Boost AI Cybersecurity Collaboration
A new initiative aimed at improving collaboration on artificial intelligence (AI) cybersecurity across critical infrastructure has been introduced by the Cybersecurity and Infrastructure Security Agency (CISA) in the US. The JCDC AI Cybersecurity Collaboration...
Extension Poisoning Campaign Highlights Gaps in Browser Security
A Christmas Eve phishing attack resulted in an unknown party taking over a Cyberhaven employee's Google Chrome Web Store account and publishing a malicious version of Cyberhaven's Chrome extension. While the problematic extension was removed within an hour of...
North Korea's Lazarus Evolves Developer-Recruitment Attacks
North Korea's Lazarus threat group has launched a fresh wave of attacks targeting software developers, using recruitment tactics on job-hiring platforms. This time, the group is using job postings on LinkedIn to lure freelance developers in particular into...