How to Set Up a Threat Hunting and Threat Intelligence Program
Threat hunting is an essential component of your cybersecurity strategy. Whether you're getting started or in an advanced state, this...
News
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a...
New Cactus ransomware encrypts itself to evade antivirus
A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of “large...
New CS:GO map bypasses Russia’s censorship of Ukraine war news
Finish newspaper Helsinin Sanomat has created a custom Counter-Strike: Global Offensive (CS:GO) map explicitly made to bypass Russian news censorship...
Western Digital says hackers stole customer data in March cyberattack
Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal...
Meet Akira — A new ransomware operation targeting the enterprise
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New PaperCut RCE exploit created that bypasses existing detections
A new proof-of-concept (PoC) exploit for an actively exploited PaperCut vulnerability was released that bypasses all known detection rules. The PaperCut...
Twitter says ‘security incident’ exposed private Circle tweets
Twitter disclosed that a 'security incident' caused private tweets sent to Twitter Circles to show publicly to users outside of...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry
An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its...
Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Installs Compromised
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack...
New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks
Users of Advanced Custom Fields plugin for WordPress are being urged to update version 6.1.6 following the discovery of a...
New Android updates fix kernel bug exploited in spyware attacks
Android security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised...
WordPress custom field plugin bug exposes over 1M sites to XSS attacks
Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are...
New Android FluHorse malware steals your passwords, 2FA codes
A new Android malware called 'FluHorse' has been discovered, targeting users in Eastern Asia with malicious apps that imitate legitimate...
The Week in Ransomware – May 5th 2023 – Targeting the public sector
This week's ransomware news has been dominated by a Royal ransomware attack on the City of Dallas that took down...
ALPHV gang claims ransomware attack on Constellation Software
Canadian diversified software company Constellation Software confirmed on Thursday that some of its systems were breached by threat actors who...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New Android Malware ‘FluHorse’ Targeting East Asian Markets with Deceptive Tactics
Various sectors in East Asian markets have been subjected to a new email phishing campaign that distributes a previously undocumented...
N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks
The North Korean state-sponsored threat actor known as Kimsuky has been discovered using a new reconnaissance tool called ReconShark as...
Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised
PHP software package repository Packagist revealed that an "attacker" gained access to four inactive accounts on the platform to hijack...
Lack of Visibility: The Challenge of Protecting Websites from Third-Party Scripts
Third-party apps such as Google Analytics, Meta Pixel, HotJar, and JQuery have become critical tools for businesses to optimize their...
Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN
Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject...
