North Korean Hackers Launch New Wave of npm Package Attacks
North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions
Information Security Magazine
BlackByte Adopts New Tactics, Targets ESXi Hypervisors
5 months ago
BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines
Unpatched CCTV Cameras Exploited to Spread Mirai Variant
5 months ago
Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant
Surge in New Scams as Pig Butchering Dominates
5 months ago
Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts
Iranian Hackers Secretly Aid Ransomware Attacks on US
5 months ago
CISA and the FBI warned that Iranian APT group, Fox Kitten, has helped ransomware groups to attack US organizations since 2017
IT Engineer Charged For Attempting to Extort Former Employer
5 months ago
A virtual machine specialist was arrested after a foiled data extortion plot targeting his former employer
Ransomware Attacks Exposed 6.7 Million Records in US Schools
5 months ago
Ransomware attacks on US schools and colleges have surged, with 491 incidents since 2018, affecting over 8000 institutions
LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics
5 months ago
LummaC2, a C-based MaaS tool first identified in 2022, has resurfaced to exfiltrate credentials and personal data
Iran-Backed Peach Sandstorm Hackers Deploy New Tickler Backdoor
5 months ago
The hacking subsidiary of the Iranian Islamic Revolutionary Guard Corps (RGC) has targeted satellite, communications, oil and gas and government sectors in the US and UAE
Money Laundering Dominates UK Fraud Cases
5 months ago
KPMG research finds money laundering accounted for the majority of fraud cases heard in the first half of 2024
South Korean Spies Exploit WPS Office Zero-Day
5 months ago
ESET uncovers a South Korean cyber-espionage campaign featuring a zero-day exploit for WPS Office
Microsoft 365 Copilot Vulnerability Exposes User Data Risks
5 months ago
The flaw in Microsoft 365 Copilot allowed data theft using ASCII smuggling and prompt injection
MOVEit Hack Exposed Personal Data of Half Million TDECU Users
5 months ago
The Texas Dow Employees Credit Union told the Maine Attorney General the MOVEit data breach compromised information of over 500,000 members
FBI Flawed Data Handling Raises Security Concerns
5 months ago
A US Justice Department watchdog has found “significant weaknesses” in the FBI’s physical and online media storage and disposal processes
Suspected Cyber-Attack Causes Travel Chaos at Seattle Airport
5 months ago
The Port of Seattle revealed system outages at the city’s airport may have been caused by a cyber-attack, affecting early Labor Day travel
Uber Hit With €290m GDPR Fine
5 months ago
The Dutch data protection regulator has imposed a €290m GDPR fine on Uber for storing driver data in the US without adequate safeguards
A Third of Organizations Suffer SaaS Data Breaches
5 months ago
AppOmni report claims number of companies suffering SaaS-related data breaches has jumped five percentage points over past year
Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals
5 months ago
Greasy Opal is a Czech Republic-based hacking group selling products that can be used for deploying cyber-attacks
NSA Releases Guide to Combat Living Off the Land Attacks
5 months ago
The National Security Agency has published a guide to help organizations defend against APT attacks that leverage living off the land techniques
Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware
5 months ago
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zero-day exploit
Checked
1 hour 52 minutes ago