New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls
Cybersecurity researchers have discovered a new version of a well-known Android malware family dubbed FakeCall that employs voice phishing (aka...
News
Critical Software Vulnerabilities in Industrial Devices: CISA’s Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding software vulnerabilities affecting industrial devices. This alert...
Chinese Hackers Shift Tactics: Enhanced Stealth and Targeted Attacks
Cybersecurity insights reveal that Chinese hackers have developed stealthier techniques over recent years, shifting from broad attacks to targeted strategies....
Iranian Threat Actor Cotton Sandstorm Leveraging New Tradecraft
The warning from the US and Israel highlights the evolving tactics of the Iranian state-sponsored group Cotton Sandstorm, now leveraging...
Inside Iran’s Cyber Playbook: AI, Fake Hosting, and Psychological Warfare
U.S. and Israeli cybersecurity agencies have published a new advisory attributing an Iranian cyber group to targeting the 2024 Summer...
Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns
Microsoft is further delaying the release of its controversial Recall feature for Windows Copilot+ PCs, stating it's taking the time...
5 SaaS Misconfigurations Leading to Major Fu*%@ Ups
With so many SaaS applications, a range of configuration options, API capabilities, endless integrations, and app-to-app connections, the SaaS risk...
Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft
Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate...
Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned
Cybersecurity researchers have flagged a "massive" campaign that targets exposed Git configurations to siphon credentials, clone private repositories, and even...
Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar
Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within...
New Phishing Kit Xiū gǒu Targets Users Across Five Countries With 2,000 Fake Sites
Cybersecurity researchers have disclosed a new phishing kit that has been put to use in campaigns targeting Australia, Japan, Spain,...
81% of US Small Businesses Affected by Data Breaches: Security Measures on the Rise
In a concerning trend, 81% of US small businesses faced data breaches last year, compelling many to ramp up their...
Emeraldwhale Attack Exposes Misconfigured Git Configurations and 15,000 Credentials
The Emeraldwhale attack has revealed vulnerabilities in misconfigured Git configurations, leading to the theft of over 15,000 cloud service credentials....
Chinese Hackers Breach Canadian Government Networks: A Growing Cyber Threat
Chinese-sponsored hackers have compromised at least 20 Canadian government networks over the past four years, raising alarms about national security....
Xiu Gou Phishing Kit Targets Users in US and Worldwide with Unique Mascot
The Xiu Gou phishing kit is a new cyber threat targeting users in the US, UK, Australia, Japan, and Spain,...
North Korean Hackers’ First Collaboration with Play Ransomware
A North Korean-backed hacking group has taken a significant step by engaging in a ransomware campaign, marking a notable shift...
Surge in Malware Attacks: 236% Increase Targeting Government Sector
The government sector is witnessing a troubling 236% surge in malware attacks, highlighting an urgent need for enhanced cybersecurity measures....
LottieFiles Issues Warning About Compromised “lottie-player” npm Package
LottieFiles has revealed that its npm package "lottie-player" was compromised as part of a supply chain attack, prompting it to...
New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics
Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its...
Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities
In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as "the...
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites
A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat...
Midnight Blizzard Spearphishing Campaign Exposes Thousands to RDP Threats
The Midnight Blizzard spearphishing campaign poses a serious threat, targeting thousands with malicious RDP files and information-stealing tactics. Microsoft has...
CISA Unveils Its First International Cybersecurity Strategy
The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled its inaugural international strategic plan aimed at enhancing global collaboration in...
Apple Security Update: Critical Patches for macOS and iOS Vulnerabilities
Apple has implemented vital security updates across its operating systems, enhancing protection against vulnerabilities in macOS and iOS. On October...
