VMware Releases Security Advisory for Multiple Products

VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMware security advisory and apply the necessary updates: This content is being syndicated […]

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog

Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks

Malicious actors were detected abusing the open-source hypervisor platform QEMU as a tunneling tool in a cyberattack against a large company. QEMU is a free emulator and hypervisor that allows you to run other operating systems as guests on a computer. As part of the attack, threat actors used QEMU to create virtual network interfaces

Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware

Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts. The malicious tools used in the campaign take advantage of the configuration weaknesses and exploit an old vulnerability in Atlassian Confluence to execute code on the machine. Researchers at

U.S. sanctions Predator spyware operators for spying on Americans

The U.S. has imposed sanctions on two individuals and five entities linked to the development and distribution of the Predator commercial spyware used to target Americans, including government officials and journalists. “Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) designated two individuals and five entities associated with the Intellexa Consortium for

Microsoft is killing off the Android apps in Windows 11 feature

Microsoft has unexpectedly announced they are ending support for the Windows Subsystem for Android next year on March 5th. The Windows Subsystem for Android (WSA) allows users to run native Android apps in a virtualized environment with sound, graphics, and network connectivity. Released in October 2021, WSA quickly became a novelty for allowing users to install apps

New WogRAT malware abuses online notepad service to store malware

A new malware dubbed ‘WogRAT’ targets both Windows and Linux in attacks abusing an online notepad platform named ‘aNotepad’ as a covert channel for storing and retrieving malicious code. According to AhnLab Security Intelligence Center (ASEC) researchers, who named the malware from a string reading ‘WingOfGod,’ it has been active since at least late 2022,

Apple fixes two new iOS zero-days exploited in attacks on iPhones

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. “Apple is aware of a report that this issue may have been exploited,” the company said in an advisory issued on Tuesday. The two bugs were found in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), both allowing attackers with

NSA shares zero-trust guidance to limit adversaries on the network

The National Security Agency is sharing new guidance to help organizations limit an adversary’s movement on the internal network by adopting zero-trust framework principles. A zero-trust security architecture requires strict controls for accessing resources on the network, be they inside or outside the physical perimeter, to minimize the impact of a breach. Compared to

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog
