News
In a remarkable crackdown on cybercrime, INTERPOL has orchestrated an extensive operation resulting in the arrest of 1,006 suspects from 19 African nations and the dismantling of 134,089 malicious networks. This coordinated effort, named Operation Serengeti, unfolded between September 2 and October 31, 2024, focusing on major cyber
Two critical vulnerabilities in the popular WordPress plugin "Spam Protection, Anti-Spam, and FireWall" have been identified, potentially affecting more than 200,000 sites. These flaws could allow attackers to install and activate malicious plugins, leading to remote code execution. CVE-2024-10542 and CVE-2024-10781 Both vulnerabilities hold a CVSS severity
Microsoft is advancing its commitment to passwordless security by testing updates to the WebAuthn API that will allow third-party passkey providers to authenticate on Windows 11. This development enhances the existing Windows Hello experience by integrating alternative biometric authentication options, such as facial recognition and fingerprints, which offer stronger security
The European Union is on the cusp of formally appointing a new team of 26 commissioners tasked with executing President Ursula von der Leyen's policy agenda for the next five years. While the final vote is expected next week, it appears highly likely that the new European Commission
A recent data breach involving the UK Ministry of Justice has exposed sensitive prison layouts on the dark web, sparking significant security concerns. Over the past fortnight, plans of prisons in England and Wales have reportedly been leaked, as revealed by *The Times*. The breach affects confidential layouts from various
Microsoft has launched a much-debated feature, Recall, to Windows Insiders participating in the Dev Channel. This AI-enhanced tool is initially available for PCs powered by Snapdragon processors equipped with Copilot+. The release marks a significant step in Microsoft's strategy to integrate advanced AI functionalities into its operating systems.
Chinese TAG-112 Targets Tibetan Sites with Cobalt Strike in Cyber Espionage A cyber espionage operation linked to Chinese interests, identified as TAG-112, has infiltrated Tibetan media and academic websites. The campaign's primary objective is to deliver Cobalt Strike, a tool for post-exploitation information gathering. Malicious JavaScript and Fake
The cyber threat group known as Mysterious Elephant, aka APT-K-47, has been deploying an advanced iteration of the Asyncshell malware via Hajj-themed lures. This tactic involves misleading victims with a seemingly harmless Microsoft Compiled HTML Help (CHM) file as part of a targeted attack strategy. Threat Actor Background Mysterious Elephant,
Recent research highlights that China's offensive cyber operations are being developed not solely by government agencies but with extensive support from private companies and academic institutions. According to a report by Orange Cyberdefense, many private cybersecurity firms, tech services providers, and universities collaborate with China's government