Mandiant’s X Account Was Hacked in Brute-Force Password Attack
Cyber threat intelligence giant Mandiant has shared the results of its investigation on its recent X account hijacking following a...
Cyber threat intelligence giant Mandiant has shared the results of its investigation on its recent X account hijacking following a...
The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host...
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and...
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source...
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat...
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising...
Ivanti has disclosed two zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) that are being actively exploited. The vulnerabilities are:- CVE-2023-46805: Successful exploitation of...
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing...
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked...
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to...
Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data...
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution...
A pro-Ukraine hacktivist group named ‘Blackjack’ has claimed a cyberattack against Russian provider of internet services M9com as a direct...
Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports...
Windows 10 users worldwide report problems installing Microsoft's January Patch Tuesday updates, getting 0x80070643 errors when attempting to install the...