Infosec News

InfoSec News 20250416

  • Publicado: Qua, 16/04/2025 - 13:24

Top News

  • Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

"Cheap Chinese Android phones ship with trojanized WhatsApp and Telegram clones hiding crypto clippers, active since June 2024."

Link

TLP1 : Green

InfoSec News 20250415

  • Publicado: Ter, 15/04/2025 - 14:29

Top News

  • SSL/TLS certificate lifespans reduced to 47 days by 2029

"The CA/Browser Forum has voted to significantly reduce the lifespan of SSL/TLS certificates over the next 4 years, with a final lifespan of just 47 days starting in 2029."

Link

TLP1 : Green

InfoSec News 20250411

  • Publicado: Sex, 11/04/2025 - 14:14

Top News

  • Open Source Poisoned Patches Infect Local Software

"Malicious packages lurking on open source repositories like npm have become less effective, so cyberattackers are using a new strategy: offering "patches" for locally installed programs."

Link

TLP1 : Green

InfoSec News 20250408

  • Publicado: Ter, 08/04/2025 - 13:14

Top News

  • Everest ransomware's dark web leak site defaced, now offline

"The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline."

Link

TLP1 : Green

InfoSec News 20250404

  • Publicado: Sex, 04/04/2025 - 13:43

Top News

  • Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware

"Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials."

Link

TLP1 : Green

InfoSec News 20250402

  • Publicado: Qua, 02/04/2025 - 14:05

Top News

  • Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign

"Cybersecurity researchers are warning of a spike in suspicious login scanning activity targeting Palo Alto Networks PAN-OS GlobalProtect gateways, with nearly 24,000 unique IP addresses attempting to access these portals."

Link

TLP1 : Green

InfoSec News 20250401

  • Publicado: Ter, 01/04/2025 - 14:04

Top News

  • KoiLoader Reloaded: New Variant Uses LNK Abuse, Script Chains, and PowerShell to Deliver Stealer Payload

"eSentire’s Threat Response Unit (TRU) has detected an intrusion attempt involving a new version of KoiLoader, a malware loader used to facilitate Command and Control (C&C) and deploy Koi Stealer, an information stealer."

Link

InfoSec News 20250331

  • Publicado: Seg, 31/03/2025 - 14:38

Top News

  • Phishing-as-a-service operation uses DNS-over-HTTPS for evasion

"A newly discovered phishing-as-a-service (PhaaS) operation that researchers call Morphing Meerkat, has been using the DNS over HTTPS (DoH) protocol to evade detection."

Link

TLP1 : Green

InfoSec News 20250328

  • Publicado: Sex, 28/03/2025 - 14:03

Top News

  • 150,000 Sites Compromised by JavaScript Injection Promoting Chinese Gambling Platforms

"An ongoing campaign that infiltrates legitimate websites with malicious JavaScript injects to promote Chinese-language gambling platforms has ballooned to compromise approximately 150,000 sites to date."

Link

TLP1 : Green

Páginas