New EarlyRAT malware linked to North Korean Andariel hacking group
Security analysts have discovered a previously undocumented remote access trojan (RAT) named 'EarlyRAT,' used by Andariel, a sub-group of the...
News
Proton launches open-source password manager with some limitations
Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser...
US-CERT Vulnerability Summary for the Week of June 19, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
From MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber Weapon
The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control (C2) framework called PhonyC2 that's been...
Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift...
North Korean Hacker Group Andariel Strikes with New EarlyRat Malware
The North Korea-aligned threat actor known as Andariel leveraged a previously undocumented malware called EarlyRat in attacks exploiting the Log4j...
Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users’ Personal Data
Android-based phone monitoring app LetMeSpy has disclosed a security breach that allowed an unauthorized third-party to steal sensitive data associated...
The Right Way to Enhance CTI with AI (Hint: It’s the Data)
Cyber threat intelligence is an effective weapon in the ongoing battle to protect digital assets and infrastructure - especially when...
Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data
A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data...
Critical Security Flaw in Social Login Plugin for WordPress Exposes Users’ Accounts
A critical security flaw has been disclosed in miniOrange's Social Login and Register plugin for WordPress that could enable a...
New Mockingjay process injection technique evades EDR detection
A new process injection technique named 'Mockingjay' could allow threat actors to bypass EDR (Endpoint Detection and Response) and other...
Just released: Session tracks for Mandiant’s 2023 mWISE event
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It runs from September 18 – 20,...
8Base ransomware gang escalates double extortion attacks in June
A 8Base ransomware gang is targeting organizations worldwide in double-extortion attacks, with a steady stream of new victims since the...
EncroChat takedown led to 6,500 arrests and $979 million seized
Europol announced today that the takedown of the EncroChat encrypted mobile communications platform has led to the arrest of over...
Siemens Energy confirms data breach after MOVEit data-theft attack
Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in...
Hundreds of devices found violating new CISA federal agency directive
Censys researchers have discovered hundreds of Internet-exposed devices on the networks of U.S. federal agencies that have to be secured...
NPM ecosystem at risk from “Manifest Confusion” attacks
The NPM (Node Package Manager) registry suffers from a security lapse called "manifest confusion," which undermines the trustworthiness of packages...
Exploit released for new Arcserve UDP auth bypass vulnerability
Data protection vendor Arcserve has addressed a high-severity security flaw in its Unified Data Protection (UDP) backup software that can...
Brave Browser boosts privacy with new local resources restrictions
The Brave team has announced that the privacy-centric browser will soon introduce new restriction controls allowing users to specify how...
Linux version of Akira ransomware targets VMware ESXi servers
The Akira ransomware operation uses a Linux encryptor to encrypt VMware ESXi virtual machines in double-extortion attacks against companies worldwide....
The Current State of Business Email Compromise Attacks
Business Email Compromise (BEC) poses a growing threat to businesses of all sizes. As BEC attacks have almost doubled across...
US-CERT Vulnerability Summary for the Week of June 19, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control
Drones that don't have any known security weaknesses could be the target of electromagnetic fault injection (EMFI) attacks, potentially enabling...
CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million
Cybersecurity researchers have exposed the workings of a scam ring called CryptosLabs that's estimated to have made €480 million in...
