Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

Highlighting TA866/Asylum Ambuscade Activity Since 2021

TA866 (also known as Asylum Ambuscade) is a threat actor that has been conducting intrusion operations since at least 2020.

TALOS
Open in Source
#sql#web#mac#windows#google#microsoft#cisco#js#git#java#backdoor#perl#pdf#botnet#auth#ssh#chrome#firefox#ssl
Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'

The emergence of novel anti-detection kits for sale on the Dark Web limit the effectiveness of a Chrome browser feature that warns users that they have reached a phishing page.

Debian Security Advisory 5793-1

Debian Linux Security Advisory 5793-1 - Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20)

Hi there! Here’s your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies were hit with attacks, while others fixed their vulnerabilities just in time. It's a constant battle.

“HM Surf” macOS Flaw Lets Attackers Access Camera and Mic – Patch Now!

Researchers at Microsoft discovered a new macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access…

Google Chrome’s uBlock Origin Purge Has Begun

Plus: The alleged SEC X account hacker gets charged, Kroger wriggles out of a face recognition scandal, and Microsoft deals with missing customer security logs.

Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks

A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. "The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, and others,"

MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data

Microsoft researchers toyed with app permissions to uncover CVE-2024-44133, using it to access sensitive user data. Adware merchants may have as well.

Unauthorized data access vulnerability in macOS is detailed by Microsoft

Microsoft disclosed details about the HM Surf vulnerability that could allow an attacker to gain access to the user’s data in Safari

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. "This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems," French cybersecurity company Sekoia said in