Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer...
News
New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
Misconfigured Redis database servers are the target of a novel cryptojacking campaign that leverages a legitimate and open source command-line...
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used...
SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on...
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
Cisco on Wednesday rolled out security updates to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and...
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Six different law firms were targeted in January and February 2023 as part of two disparate threat campaigns distributing GootLoader...
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
A stealthy Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus has become the first publicly known malware capable of bypassing...
Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy
Google has announced the general availability of client-side encryption (CSE) for Gmail and Calendar, months after piloting the feature in...
CISOs Are Stressed Out and It’s Putting Companies at Risk
Employee well-being has become a primary focus for many businesses. Even before the pandemic, the C-suite was acutely aware of...
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT....
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within...
Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain
Romanian cybersecurity company Bitdefender has released a free decryptor for a new ransomware strain known as MortalKombat. MortalKombat is a...
Application Security vs. API Security: What is the difference?
As digital transformation takes hold and businesses become increasingly reliant on digital services, it has become more important than ever...
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia....
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known...
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
LastPass, which in December 2022 disclosed a severe data breach that allowed threat actors to access encrypted password vaults, said...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
Researchers Share New Insights Into RIG Exploit Kit Malware’s Operations
The RIG exploit kit (EK) touched an all-time high successful exploitation rate of nearly 30% in 2022, new findings reveal....
Shocking Findings from the 2023 Third-Party App Access Report
Spoiler Alert: Organizations with 10,000 SaaS users that use M365 and Google Workspace average over 4,371 additional connected apps. SaaS-to-SaaS...
PureCrypter Malware Targets Government Entities in Asia-Pacific and North America
Government entities in Asia-Pacific and North America are being targeted by an unknown threat actor with an off-the-shelf malware downloader...
PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks
The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks
A new ChromeLoader malware campaign has been observed being distributed via virtual hard disk (VHD) files, marking a deviation from...
How to Tackle the Top SaaS Challenges of 2023
Are you prepared to tackle the top SaaS challenges of 2023? With high-profile data breaches affecting major companies like Nissan...
