- + Cybercriminals Exploiting Microsoft’s Quick Assist Feature in Ransomware Attacks—The Microsoft Threat Intelligence team said it has observed a threat it tracks under the name Storm-1811 abusing the client management ...
- + Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability—Google has rolled out fixes to address a set of nine security issues in its Chrome browser, including a new zero-day that has been expl...
- + FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity—Law enforcement agencies have officially seized control of the notorious BreachForums platform, an online bazaar known for peddling stolen d...
- + Google Launches AI-Powered Theft and Data Protection Features for Android Devices—Google has announced a slew of privacy and security features in Android, including a suite of advanced protection features to help secure users' devic...
- + Android 15 Rolls Out Advanced Features to Protect Users from Scams and Malicious Apps—Google is unveiling a set of new features in Android 15 to prevent malicious apps installed on the device from capturing sensitive data. This constitu...
- + Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions—An unnamed European Ministry of Foreign Affairs (MFA) and its three diplomatic missions in the Middle East were targeted by two previously undocumente...
- + (Cyber) Risk = Probability of Occurrence x Damage —Here’s How to Enhance Your Cyber Resilience with CVSS In late 2023, the Common Vulnerability Scoring System (CVSS) v4.0 was unveiled, succeeding the e...
- + Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years—A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still c...
- + It's Time to Master the Lift & Shift: Migrating from VMware vSphere to Microsoft Azure—While cloud adoption has been top of mind for many IT professionals for nearly a decade, it’s only in recent months, with industry changes a...
- + Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering—A Dutch court on Tuesday sentenced one of the co-founders of the now-sanctioned Tornado Cash cryptocurrency mixer service to 5 years and...
- + Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days—Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May 2024, including t...
- + VMware Patches Severe Security Flaws in Workstation and Fusion Products—Multiple security flaws have been disclosed in VMware Workstation and Fusion products that could be exploited by threat actors to access sen...
- + New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation—Google on Monday shipped emergency fixes to address a new zero-day flaw in the Chrome web browser that has come under active exploitation in the wild....
- + Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code—The maintainers of the Cacti open-source network monitoring and fault management framework have addressed a dozen security flaws, including ...
- + 6 Mistakes Organizations Make When Deploying Advanced Authentication—Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link: their human users. Havi...
- + Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls—Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtai...
- + Ongoing Campaign Bombarded Enterprises with Spam Emails and Phone Calls—Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtai...
- + Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices—Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking d...
- + MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices—The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in crit...
- + The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield—With the browser becoming the most prevalent workspace in the enterprise, it is also turning into a popular attack vector for cyber attacker...
- + SHQ Response Platform and Risk Centre to Enable Management and Analysts Alike —In the last decade, there has been a growing disconnect between front-line analysts and senior management in IT and Cybersecurity. Well-documented cha...
- + Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries—Cybersecurity researchers have disclosed multiple security flaws in Cinterion cellular modems that could be potentially exploited by threat actors to ...
- + Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia—The Black Basta ransomware-as-a-service (RaaS) operation has targeted more than 500 private industry and critical infrastructure entities in North Ame...
- + Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo—Cybersecurity researchers have identified a malicious Python package that purports to be an offshoot of the popular requests library and has...
- + FIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RAT—The financially motivated threat actor known as FIN7 has been observed leveraging malicious Google ads spoofing legitimate brands...
- + North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms—The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as...
- + CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar)—Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats....
- + Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability—Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as...
- + What's the Right EDR for You? —A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs. Cybersecurity has become an ong...
- + Malicious Android Apps Pose as Google, Instagram, WhatsApp to Steal Credentials—Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users' credentials ...
- + Malicious Android Apps Pose as Google, Instagram, WhatsApp, to Steal Credentials—Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users' credentials ...
- + Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing—Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users' credentials ...
- + Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models—Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) servi...
- + New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation—Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim'...
- + Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign—Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called...
- + New Guide: How to Scale Your vCISO Services Profitably—Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can an...
- + Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery—Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That's acco...
- + Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover—Two security vulnerabilities have been discovered in F5 Next Central Manager that could be exploited by a threat actor to seize control of the devices...
- + A SaaS Security Challenge: Getting Permissions All in One Place —Permissions in SaaS platforms like Salesforce, Workday, and Microsoft 365 are remarkably precise. They spell out exactly which users have access ...
- + New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data—Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key ...
- + The Fundamentals of Cloud Security Stress Testing—“Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between thos...
- + Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version—A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis technique...
- + Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites—A high-severity flaw impacting the LiteSpeed Cache plugin for WordPress is being actively exploited by threat actors to create rogue ad...
- + Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator—The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-ol...
- + APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data—The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target net...
- + China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion—The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now...
- + New Case Study: The Malicious Comment—How safe is your comments section? Discover how a seemingly innocent 'thank you' comment on a product page concealed a malicious vulnerability, unders...
- + Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever)—Google on Monday announced that it's simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace account...
- + Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering—A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexa...
- + Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution—More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched sec...
- + China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices—The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work...
- + It Costs How Much?!? The Financial Pitfalls of Cyberattacks on SMBs—Cybercriminals are vipers. They’re like snakes in the grass, hiding behind their keyboards, waiting to strike. And if you're a small- and medium-...
- + Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components—Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "...
- + New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs—Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infecte...
- + Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities—Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state a...
- + Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back—In today's rapidly evolving digital landscape, the threat of Distributed Denial of Service (DDoS) attacks looms more significant than ever. As these c...
- + Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications—Threat actors have been increasingly weaponizing Microsoft Graph API for malicious purposes with the aim of evading detection. Thi...
- + New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data—SaaS applications are dominating the corporate landscape. Their increased use enables organizations to push the boundaries of technology and business....
- + NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources—The U.S. government on Thursday published a new cybersecurity advisory warning of North Korean threat actors' attempts to send emails in a manner...
- + Google Announces Passkeys Adopted by Over 400 Million Accounts—Google on Thursday announced that passkeys are being used by over 400 million Google accounts, authenticating users more than 1 billion time...
- + Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks—HPE Aruba Networking (formerly Aruba Networks) has released security updates to address critical flaws impacting ArubaOS that could result in remote c...
- + Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw—Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could ...
- + Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million—A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ra...
- + When is One Vulnerability Scanner Not Enough?—Like antivirus software, vulnerability scans rely on a database of known weaknesses. That’s why websites like VirusTotal exist, to give cyber practiti...
- + Dropbox Discloses Breach of Digital Signature Service Affecting All Users—Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat ac...
- + New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw—A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security fl...
- + CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw impacting GitLab to its Known Exploited Vulnerabi...
- + New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials—A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitori...
- + Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds—A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and mo...
- + Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers—Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays ...
- + How to Make Your Employees Your First Line of Cyber Defense—There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you...
- + Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success—There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you...
- + ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan—The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan...
- + Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia—A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer c...
- + Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years—Cybersecurity researchers have discovered multiple campaigns targeting Docker Hub by planting millions of malicious "imageless" containers o...
- + U.S. Government Releases New AI Security Guidelines for Critical Infrastructure—The U.S. government has unveiled new security guidelines aimed at bolstering critical infrastructure against artificial intelligence (AI)-related thre...
- + Considerations for Operational Technology Cybersecurity—Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes,...
- + New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024—The U.K. National Cyber Security Centre (NCSC) is calling on manufacturers of smart devices to comply with new legislation that prohibi...
- + Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023—Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with ...
- + China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale—A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS...
- + Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM—It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolv...
- + New R Programming Vulnerability Exposes Projects to Supply Chain Attacks—A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious R...
- + Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover—Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to ...
- + Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks—Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at...
- + Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw—Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw i...
- + Bogus npm Packages Used to Trick Software Developers into Installing Malware—An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick ...
- + Severe Flaws Disclosed in Brocade SANnav SAN Management Software—Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to co...
- + 10 Critical Endpoint Security Tips You Should Know—In today's digital world, where connectivity rules all, endpoints serve as the gateway to a business’s digital kingdom. And because ...
- + New 'Brokewell' Android Malware Spread Through Fake Browser Updates—Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern ...
- + Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack—Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under...
- + Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites—Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. Th...
- + North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures—The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access troj...
- + Network Threats: A Step-by-Step Attack Demonstration—Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetec...
- + DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions—The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and...
- + Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny—Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstandin...
- + State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage—A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target...
- + U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks—The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involve...
- + Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike—Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver malware called SSLoad. The...
- + Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users—Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The fi...
- + CISO Perspectives on Complying with Cybersecurity Regulations—Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compl...
- + eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners—A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners li...
- + CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers—A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and R...
- + Apache Cordova App Harness Targeted in Dependency Confusion Attack—Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion...
- + Webinar: Learn Proactive Supply Chain Threat Hunting Techniques—In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricat...
- + Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery—Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how an...
- + Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases—European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-e...
- + German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies—German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants...
- + U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse—The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly invo...
- + Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware—The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to ...
- + ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft—The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments...
- + Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft—The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments...
- + Pentera's 2024 Report Reveals Hundreds of Security Events per Week, Highlighting the Criticality of Continuous Validation—Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, ...
- + MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws—The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure applia...
- + Ransomware Double-Dip: Re-Victimization in Cyber Extortion—Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extor...
- + Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers—New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal ...
- + Microsoft Warns: North Korean Hackers Turn to AI-Fueled Cyber Espionage—Microsoft has revealed that North Korea-linked state-sponsored cyber actors have begun to use artificial intelligence (AI) to make their operations more ...
- + New RedLine Stealer Variant Disguised as Game Cheats Using Lua Bytecode for Stealth—A new information stealer has been found leveraging Lua bytecode for added stealth and sophistication, findings from McAfee Labs reveal. The cybersecu...
- + Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack—Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild...
- + Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks—Users of the CrushFTP enterprise file transfer software are being urged to update to the latest version following the discovery of...
- + BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool—Technology, research, and government sectors in the Asia-Pacific region have been targeted by a threat actor called BlackTech as part o...
- + How Attackers Can Own a Business Without Touching the Endpoint—Attackers are increasingly making use of “networkless” attack techniques targeting cloud apps and identities. Here’s how attackers...
- + Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers—Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than ...
- + Hackers Target Middle East Governments with Evasive "CR4T" Backdoor—Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4...
- + OfflRouter Malware Evades Detection in Ukraine for Almost a Decade—Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an...
- + FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor—The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known...
- + Recover from Ransomware in 5 Minutes—We will Teach You How!—Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you det...
- + New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks—A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest ...
- + How to Conduct Advanced Static Analysis in a Malware Sandbox—Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior....
- + Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide—As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used...
- + Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes—Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them f...
- + Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor—A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backd...
- + Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks—A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, incl...
- + GenAI: A New Headache for SaaS Security Teams—The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS ...
- + Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware—Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-20...
- + Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign—Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to d...
- + Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services—Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web applicat...
- + OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt—Security researchers have uncovered a "credible" takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently...
- + TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks—The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware ...
- + AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs—New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive cred...
- + Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack—The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.6...
- + Identity in the Shadows: Shedding Light on Cybersecurity's Unseen Threats—In today's rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud s...
- + FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations—The U.S. Federal Trade Commission (FTC) has ordered the mental telehealth company Cerebral from using or disclosing personal data for advertising purp...
- + Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown—Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan cal...
- + Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw—A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel ...
- + AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead—Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted a...
- + Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks—The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service pro...
- + Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution—To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) p...
- + Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users—Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS s...
- + Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability—Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation...
- + Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts—A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptoc...
- + U.S. Treasury Sanctions Hamas Spokesperson for Cyber Influence Operations—The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his...
- + Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack—Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly thr...
- + Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files—"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings fro...
- + Code Keepers: Mastering Non-Human Identity Management—Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic a...
- + Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign—The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the...
- + Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack—Palo Alto Networks is warning that a critical flaw impacting PAN-OS software used in its GlobalProtect gateways is being actively exploited in the wil...
- + Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker—Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to ev...
- + U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks—The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued an emergency directive (ED 24-02) urging federal agencies to hunt ...
- + Python's PyPI Reveals Its Secrets—GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API...
- + TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer—A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as par...
- + Apple Updates Spyware Alert System to Warn Victims of Mercenary Attacks—Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users ...
- + Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability—Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code executi...
- + 'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan—An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, wit...
- + Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files—Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script F...
- + Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware—Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading ...
As of 5/16/24 1:48am. Last new 5/15/24 11:46pm. Score: 304