Google Ads Users Targeted in Malvertising Scam Stealing Credentials and 2FA Codes https://firewall.firm.in/wp-content/uploads/2025/01/google-ads.png Jan 15, 2025Ravie LakshmananMalvertising / Malware Cybersecurity researchers have alerted to a new malvertising campaign that’s targeting individuals and businesses advertising via Google Ads by attempting to phish for their credentials via fraudulent ads on Google. “The scheme consists of stealing as many advertiser accounts as possible ...

North Korean IT Worker Fraud Linked to 2016 Crowdfunding Scam and Fake Domains https://firewall.firm.in/wp-content/uploads/2025/01/korea.png Jan 15, 2025Ravie LakshmananBlockchain / Cryptocurrency Cybersecurity researchers have identified infrastructure links between the North Korean threat actors behind the fraudulent IT worker schemes and a 2016 crowdfunding scam. The new evidence suggests that Pyongyang-based threamoret groups may have pulled off illicit money-making scams that predate ...

FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation https://firewall.firm.in/wp-content/uploads/2025/01/fbi.png Jan 15, 2025Ravie LakshmananMalware / Threat Intelligence The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected computers as part of a “multi-month law enforcement operation.” PlugX, also known as ...

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation https://firewall.firm.in/wp-content/uploads/2025/01/apple.png Jan 14, 2025Ravie LakshmananEndpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as “root” to bypass the operating system’s System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The ...

⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January] https://firewall.firm.in/wp-content/uploads/2025/01/recap.png Jan 13, 2025Ravie Lakshmanan The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect yourself. In this recap, we’ll break down ...

Hacker claims breach of US location tracking company gravy analytics – ET CISO https://etimg.etb2bimg.com/thumb/msid-117073953,imgsize-5538,width-1200,height=765,overlay-etciso/data-breaches/hacker-claims-breach-of-us-location-tracking-company-gravy-analytics.jpg An unknown hacker is claiming to have pulled off a heist at U.S. location tracking firm Gravy Analytics, according to screenshots of the boast circulating online. It is not clear exactly how and under what circumstances the breach occurred. A Russian-language post and screenshots uploaded early ...

New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption https://firewall.firm.in/wp-content/uploads/2025/01/macos.png Jan 09, 2025Ravie Lakshmanan Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. “Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect,” Check Point Research said in a new ...

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections https://firewall.firm.in/wp-content/uploads/2025/01/phishing.png Cybersecurity researchers have found that bad actors are continuing to have success by spoofing sender email addresses as part of various malspam campaigns. Faking the sender address of an email is widely seen as an attempt to make the digital missive more legitimate and get past security ...

Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks https://firewall.firm.in/wp-content/uploads/2025/01/router-ddos.png Jan 08, 2025Ravie LakshmananMalware / Vulnerability A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks. The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily ...

Farewell to the Fallen: The Cybersecurity Stars We Lost Last Year https://firewall.firm.in/wp-content/uploads/2025/01/main.gif It’s time once again to pay our respects to the once-famous cybersecurity solutions whose usefulness died in the past year. The cybercriminal world collectively mourns the loss of these solutions and the easy access they provide to victim organizations. These solutions, though celebrated in their prime, succumbed to ...