Cyble Research & Intelligence Labs (CRIL) researchers investigated 22 security vulnerabilities this week, plus industrial control system (ICS) vulnerabilities and dark web exploits, to help us arrive at our list of six vulnerabilities that security teams need to prioritize. Those vulnerabilities include show more ...
A historic prisoner swap with Russia was completed on Thursday in Turkey that secured the release of sixteen high-profile individuals, including Wall Street Journal reporter Evan Gershkovich, Marine veteran Paul Whelan, and Russian-American journalist Alsu Kurmasheva. But the deal has reportedly come at the cost of show more ...
Researchers uncovered a critical operational security (OPSEC) failure by the Medusa Ransomware Group, allowing them to access the group's cloud storage, revealing a trove of exfiltrated data from various victims. The incident came to light during a ransomware response operation. Investigators found that Medusa had show more ...
As cyberattacks on healthcare organizations surge, several state-level lawmakers are pushing back against what they see as excessive class-action lawsuits over data breaches in the United States. Several states have moved to reduce liability for healthcare providers that adopt new security protocols. Tennessee is the show more ...
Fresnillo plc, the world’s largest primary silver producer and Mexico’s leading gold producer has reported a cybersecurity incident resulting in unauthorized access to certain IT systems and data. The company immediately initiated response measures on knowing the Fresnillo cybersecurity incident in line with its show more ...
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint announcement to raise awareness about the potential impact of Distributed Denial of Service (DDoS) attacks on election infrastructure as we approach the 2024 US general election. While these show more ...
In today's digital age, cybersecurity for banking executives has become a paramount concern. The banking sector, with its vast repositories of sensitive data and financial assets, is a prime target for cybercriminals. The importance of attack surface management for banking executives cannot be overstated as it show more ...
In an increasingly digital world, biometric authentication has emerged as a powerful tool for securing access to sensitive information and systems. Biometrics, which utilize unique physical or behavioral characteristics, offer a convenient and often more secure alternative to traditional passwords. However, as the show more ...
Evil twins — malicious Wi-Fi hotspots that intercept user data — are back in vogue. While the threat itself is nothing new (weve covered it before), fake Wi-Fi incidents have recently reached new heights — literally. In a particularly interesting case from Australia, a passenger was arrested for setting up evil show more ...
Researchers say the attacks are easy to perform, difficult to contact, nearly unrecognizable, and "entirely preventable."
A malvertising campaign uses phishing to steal legitimate account pages, with the endgame of delivering the Lumma stealer.
Law firms make the perfect target for extortion, so it's no wonder that ransomware attackers target them and demand multimillion dollar ransoms.
Significant upcoming legislation promises to tighten the screws on cyber incident response in Australia, mirroring CIRCIA in the US.
By injecting malicious bytecode into interpreters for VBScript, Python, and Lua, researchers found they can circumvent malicious code detection.
The prolific ransomware group has shifted away from phishing as the method of entry into corporate networks, and is now using initial access brokers as well as its own tools to optimize its most recent attacks.
EvilProxy, known as the "LockBit of phishing," is a popular phishing kit used in over a million attacks each month. It allows cybercriminals to launch ransomware infections, steal data, and compromise business emails.
A threat actor recently impersonated Google through a fake ad for the Google Authenticator, a popular multi-factor authentication program. This resulted in innocent users unknowingly downloading malware or falling victim to phishing scams.
Attackers disguise malicious tools as legitimate GenAI apps through phishing sites, web browser extensions, fake apps on mobile stores, and malicious ads on social media.
The attack begins with emails from an Amazon SES client containing empty PDF attachments and a message from Docusign. Despite some checks failing, the emails can still appear legitimate due to the compromised source.
TgRat Trojan, previously targeting Windows, now focuses on Linux, using Telegram to control infected machines. Discovered by Dr. Web, this RAT allows cybercriminals to exfiltrate data and execute commands.
Some companies are paying ransomware attackers multiple times, with more than a third not receiving the decryption keys or getting corrupted keys after paying, according to a survey by Semperis.
The malware was found monitoring OTP messages from over 600 global brands, with victims detected in 113 countries, including India, Russia, Brazil, Mexico, the U.S., Ukraine, Spain, and Turkey.
The UK's Electoral Commission was criticized by the Information Commissioner’s Office (ICO) for failing to protect the personal data of 40 million people from Chinese hackers in a cyberattack three years ago.
Microsoft confirmed that an eight-hour outage on Tuesday affecting its Azure portal, Microsoft 365, and Microsoft Purview services was caused by a DDoS attack. The company mentioned that its response to the outage may have worsened the impact.
Secretive is an open-source app that securely stores and manages SSH keys in the Secure Enclave for Macs. Storing keys in the Secure Enclave prevents copying or exporting by malicious users or malware, ensuring a higher level of security.
Apple has released a critical zero-day patch for older Macs running macOS Monterey 12.7.6, addressing an actively exploited vulnerability (CVE-2024-23296). The flaw in Apple’s RTKit real-time OS could allow unauthorized access to kernel memory.
Meta has agreed to pay the State of Texas $1.4 billion in a settlement for unlawfully capturing and using biometric data of millions of Texans. This is the largest privacy settlement in US history.
Lineaje has raised $20 million in a Series A funding round, led by Prosperity7 Ventures, Neotribe, and Hitachi Ventures, with Tenable Ventures also participating. This investment highlights the increasing demand for software supply chain security.
DigiCert discovered a bug in how domain ownership was verified, leading to the mass revocation of SSL/TLS certificates. Approximately 0.4% of domain validations conducted between August 2019 and June 2024 are affected.
The Kids Online Safety and Privacy Act (KOPSA) combines two bills to enhance protections for children under 17, prohibiting targeted advertising, requiring consent for data collection, and limiting exposure to harmful content.
Healthcare organizations are jeopardizing patient privacy due to insecure file-sharing practices, according to a report by Metomic. The study found that 25% of publicly shared files in healthcare contain Personally Identifiable Information (PII).
The attack targeted C-Edge Technologies, a provider of banking systems for these banks. As a precaution, the National Payment Corporation of India (NPCI) has isolated these banks from the broader payment network to contain the attack.
A report by Vipre Security Group, based on data from processing 1.8 billion emails, revealed that 49% of blocked spam emails were BEC attacks, with CEOs, HR, and IT being common targets. The study also found that 40% of BEC attacks were AI-generated.
The Senate Armed Services Committee has approved Michael Sulmeyer, the Army’s top digital adviser, as the inaugural assistant secretary of defense for cyber policy, paving the way for his nomination to the Senate floor for a vote.
Birgit Hofer and Thomas Hirsch from TU Graz have developed a new approach to speed up software bug fixes. By identifying bottlenecks in fault localization, they created a scalable solution using NLP and metrics to analyze code for faults.
Security researchers have uncovered the largest ransomware payment ever recorded, amounting to $75m, which was made to the Dark Angels group. This finding was revealed in Zscaler's ThreatLabz Ransom Report for 2024.
Ubuntu Security Notice 6936-1 - It was discovered that Apache Commons Collections allowed serialization support for unsafe classes by default. A remote attacker could possibly use this issue to execute arbitrary code.
Ubuntu Security Notice 6941-1 - It was discovered that the Python ipaddress module contained incorrect information about which IP address ranges were considered âprivateâ or âglobally reachableâ. This could possibly result in applications applying incorrect security policies.
Google has announced that it's adding a new layer of protection to its Chrome browser through what's called app-bound encryption to prevent information-stealing malware from grabbing cookies on Windows systems. "On Windows, Chrome uses the Data Protection API (DPAPI) which protects the data at rest from other users on the system or cold boot attacks," Will Harris from the Chrome security team
Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future's Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the name ERIAKOS owing to the use of the same content delivery network (CDN) oss.eriakos[.]com. "These
Cybersecurity researchers have uncovered a new Android remote access trojan (RAT) called BingoMod that not only performs fraudulent money transfers from the compromised devices but also wipes them in an attempt to erase traces of the malware. Italian cybersecurity firm Cleafy, which discovered the RAT towards the end of May 2024, said the malware is under active development. It attributed the
How to detect and prevent attackers from using these various techniques Obfuscation is an important technique for protecting software that also carries risks, especially when used by malware authors. In this article, we examine obfuscation, its effects, and responses to it. What Is Obfuscation? Obfuscation is the technique of intentionally making information difficult to read, especially in
Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed. "In a Sitting
In yet another sign that threat actors are always looking out for new ways to trick users into downloading malware, it has come to light that the question-and-answer (Q&A) platform known as Stack Exchange has been abused to direct unsuspecting developers to bogus Python packages capable of draining their cryptocurrency wallets. "Upon installation, this code would execute automatically,
The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what is believed to be the largest known ransom payment made by a cyber attack victim since records began. Read more in my article on the Hot for Security blog.
