Security News

Filter by:

Over 13,000 Ivanti gateways vulnerable to actively exploited bugs

Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched.
Bleeping Computer 16 Feb 2024 427 Views

GoldPickaxe Trojan Uses Biometric Data and Deepfake Tech to Scam Banks

The trojan captures facial biometric data to create deepfake videos for bypassing banking logins, demonstrating a high level of sophistication and operational maturity by the cybercriminal group GoldFactory.[...]
Cyware News 15 Feb 2024 191 Views

New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. [...]
Bleepingcomputer 15 Feb 2024 315 Views

Ubuntu 'command-not-found' tool can be abused to spread malware

A logic flaw between Ubuntu's 'command-not-found' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. [...]
Bleepingcomputer 15 Feb 2024 382 Views

US says AI models can’t hold patents

Inventors must be human, but there's still a condition where AI can officially help.
Ars Technica 15 Feb 2024 3050 Views

Hackers used new Windows Defender zero-day to drop DarkMe malware

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT).
Bleeping Computer 14 Feb 2024 394 Views

Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures

Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.
The Hacker News 14 Feb 2024 6715 Views

Fake LastPass lookalike made it into Apple App Store

LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. [...]
The Register 9 Feb 2024 3437 Views

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. [...]
Bleepingcomputer 9 Feb 2024 537 Views

Data of 7,400 students, scholars leaked in HKU breach

The Faculty of Education at the University of Hong Kong (HKU) on Wednesday said the personal data of around 7,400 students, academic visitors and research programme applicants may have been leaked in a cyberattack on January 30.
RTHK 8 Feb 2024 368 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY