Researchers unearth two previously unknown Linux backdoors – Help Net Security

These tools are designed to maintain persistent access and execute commands stealthily, enabling prolonged intelligence gathering while evading detection.

Single Right-Click Let Hackers Gain Access To System By Exploiting 0-Day

This 0-day flaw, identified by security analysts at ClearSky Cyber Security in June 2024, allows attackers to gain unauthorized access to systems through minimal user interaction.

Schneider Electric hit by Ransomware Demand of $125,000 in baguettes.

Schneider Electric confirmed that it is investigating a breach as a ransomware group Hellcat claims to have stolen more than 40 GB of compressed data — and demanded the French multinational energy management company pay $125,000 in baguettes or else see its sensitive customer and operational information leaked.

HYPR is latest firm to reveal hiring of fraudulent IT worker overseas | CyberScoop

Company officials say the individual was caught during the onboarding process, but used proxies and verified documents to back up their legend.

Russian group’s hack of Texas water system underscores critical OT cyber threats | CSO Online

But water systems have been increasingly in the crosshairs in 2024, resulting in the following noteworthy water security developments:

JPCERT shares Windows Event Log tips to detect ransomware attacks

The investigation strategy proposed by JPCERT/CC covers four types of Windows Event Logs: Application, Security, System, and Setup logs.

How to manage shadow IT and reduce your attack surface

There is a reason why a lot of organizations shy away from people bringing their own devices to work. https://www.bleepingcomputer.com/news/security/how-to-manage-shadow-it-and-reduce-your-attack-surface/

6 things hackers know that they don’t want security pros to know that they know | CSO Online

“Hackers know that the average CISO has a lot on their plates and they don’t have enough [resources] to get everything done.

Unpatchable 0-day in surveillance cam is being exploited to install Mirai | Ars Technica

Akamai said that the attackers are exploiting the vulnerability so they can install a variant of Mirai, which arrived in September 2016 when a botnet of infected devices took down cybersecurity news site Krebs on Security.

Watch out — those movie downloads could actually just be vicious new Windows malware | TechRadar

Be careful when looking for pirated movies online – experts have warners many files are out there just to infect your Windows PCs with dangerous malware and infostealers.