Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code
The threat actors behind the nascent Buhti ransomware have eschewed their custom payload in favor of leaked LockBit and Babuk...
News
Webinar with Guest Forrester: Browser Security New Approaches
In today's digital landscape, browser security has become an increasingly pressing issue, making it essential for organizations to be aware...
China’s Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected
A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without...
Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware
The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli...
GUAC 0.1 Beta: Google’s Breakthrough Framework for Secure Software Supply Chains
Google on Wednesday announced the 0.1 Beta version of GUAC (short for Graph for Understanding Artifact Composition) for organizations to...
Barracuda warns of email gateways breached via zero-day flaw
Barracuda, a company known for its email and network security solutions, warned customers today that some of their Email Security...
New PowerExchange malware backdoors Microsoft Exchange servers
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft...
Iranian hackers use new Moneybird ransomware to attack Israeli orgs
Image: Bing Create A suspected Iranian state-supported threat actor known as 'Agrius' is now deploying a new ransomware strain named...
Hackers target 1.5M WordPress sites with cookie consent plugin exploit
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie...
Chinese hackers breach US critical infrastructure in stealthy attacks
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United...
GitLab ‘strongly recommends’ patching max severity flaw ASAP
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal...
US-CERT Vulnerability Summary for the Week of May 15, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry
At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a...
What to Look for When Selecting a Static Application Security Testing (SAST) Solution
If you're involved in securing the applications your organization develops, there is no question that Static Application Security Testing (SAST)...
Data Stealing Malware Discovered in Popular Android Screen Recorder App
Google has removed a screen recording app named "iRecorder - Screen Recorder" from the Play Store after it was found...
Legion Malware Upgraded to Target SSH Servers and AWS Credentials
An updated version of the commodity malware called Legion comes with expanded features to compromise SSH servers and Amazon Web...
N. Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware
The infamous Lazarus Group actor has been targeting vulnerable versions of Microsoft Internet Information Services (IIS) servers as an initial...
E.U. Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations
Facebook's parent company Meta has been fined a record $1.3 billion by European Union data protection regulators for transferring the...
Cyber Attacks Strike Ukraine’s State Bodies in Espionage Operation
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks targeting state bodies in the country as...
Cuba ransomware claims cyberattack on Philadelphia Inquirer
The Cuba ransomware gang has claimed responsibility for this month's cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper's...
Arms maker Rheinmetall confirms BlackBasta ransomware attack
German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business....
GoldenJackal state hackers silently attacking govts since 2019
Image: Bing Create A relatively unknown advanced persistent threat (APT) group named 'GoldenJackal' has been targeting government and diplomatic entities...
New AhRat Android malware hidden in app with 50,000 installs
Image: Bing Image Creator ESET malware researchers found a new remote access trojan (RAT) on the Google Play Store, hidden...
IT employee impersonates ransomware gang to extort employer
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing...
