'Etherhiding' Blockchain Technique Masks Malicious Code in WordPress Sites

The ClearFake campaign uses fake browser updates to lure victims and spread RedLine, Amadey, and Lumma stealers.

https://www.darkreading.com/attacks-brea...ress-sites

Zero-Day Alert: Thousands of Cisco IOS XE Systems Now Compromised

Just a day after Cisco disclosed CVE-2023-20198, it remains unpatched, and one vendor says a Shodan scan shows at least 10,000 Cisco devices with an implant for arbitrary code execution on them. The vendor meanwhile has updated the advisory with more mitigation steps.

https://www.darkreading.com/attacks-brea...ro-day-bug

UAE, US Partner to Bolster Financial Services Cybersecurity

The two countries agree to share financial services information and provide cross-border training and best practices.

https://www.darkreading.com/dr-global/ua...s-security

Amazon Quietly Wades Into the Passkey Waters

The move by the e-commerce kahuna to offer advanced authentication to its 300+ million users has the potential to move the needle on the technology's adoption, security experts say.

https://www.darkreading.com/cloud/amazon...key-waters

Chatbot Offers Roadmap for How to Conduct a Bio Weapons Attack

Once ethics guardrails are breached, generative AI and LLMs could become nearly unlimited in its capacity to enable evil acts, researchers warn.

https://www.darkreading.com/threat-intel...ons-attack

Over 10,000 Cisco devices hacked in IOS XE zero-day attacks


Attackers have exploited a recently disclosed critical zero-day bug to compromise and infect more than 10,000 Cisco IOS XE devices with malicious implants. [...]


https://www.bleepingcomputer.com/news/se...y-attacks/

Fighting off cyberattacks? Make sure user credentials aren’t compromised


Login credential theft presents one of the biggest and most enduring cybersecurity problems. This article by Specops SOftware looks at the motivations driving credential theft and the tactics bad actors are likely to use. [...]


https://www.bleepingcomputer.com/news/se...mpromised/

Microsoft fixes known issue causing Outlook freezes, slow starts


Microsoft has fixed a known issue affecting Outlook for Microsoft 365 users since June and causing slow starts and freezes as if Offline Outlook Data Files (OST) were syncing right after launch. [...]


https://www.bleepingcomputer.com/news/mi...ow-starts/

SpyNote Android malware spreads via fake volcano eruption alerts


Android malware 'SpyNote' was seen in an Italy-focused campaign that uses a phony 'IT-alert' public alert service website to infect visitors. [...]


https://www.bleepingcomputer.com/news/se...on-alerts/

D-Link confirms data breach after employee phishing attack


Taiwanese networking equipment manufacturer D-Link confirmed a data breach linked to information stolen from its network and put up for sale on BreachForums earlier this month. [...]


https://www.bleepingcomputer.com/news/se...ng-attack/