New Research Exposes Security Risks in ChatGPT Plugins
Security researchers have uncovered critical security flaws within ChatGPT plugins. By exploiting these flaws, attackers could seize control of an...
Premium Members Content
Victims Lose $47m to Crypto Phishing Scams in February
Impersonated accounts on X (formerly Twitter) have been blamed for the majority of cryptocurrency phishing attacks last month, with victims...
Three-Quarters of Cyber Incident Victims Are Small Businesses
Over three-quarters of cyber incidents impacted small businesses in 2023, with ransomware having the biggest impact on these firms, according...
New Cloud Attack Targets Crypto CDN Meson Ahead of Launch
A malicious campaign has been observed exploiting the blockchain-based Meson service for illicit gains ahead of the crypto token unlock...
Study Reveals Top Vulnerabilities in Corporate Web Applications
A recent study conducted by Kaspersky Security Assessment experts has revealed the most prevalent vulnerabilities in corporate web applications developed...
Lawmakers Slam UK Government’s “Ostrich Strategy” for Cybersecurity
The UK will remain “exposed and unprepared” for a potentially catastrophic ransomware attack if it continues to adopt a head-in-the-sand...
Magnet Goblin Exploits Ivanti Vulnerabilities
Security researchers have uncovered a trend involving the exploitation of 1-day vulnerabilities, including two in Ivanti Connect Secure VPN. The flaws,...
BianLian Threat Actor Shifts Focus to Extortion-Only Tactics
The BianLian threat actor has been observed shifting toward extortion-only activities, according to recent findings by GuidePoint’s Research and Intelligence...
FBI: US Ransomware Losses Surge 74% to $59.6 Million in 2023
Ransomware losses in the US surged to $59.6m in 2023, a 74% rise on the previous year’s reported figure of...
Governments Eye Disclosure Requirements for AI Development Labs
AI laboratories will be compelled to disclose their development of general-purpose AI as governments look to have more oversight over...
Ransomware Attackers Leak Sensitive Swiss Government Documents, Login Credentials
Sensitive Swiss federal government data, including classified documents and log in credentials, were leaked by the Play ransomware group following...
Former Google Engineer Charged With Stealing AI Secrets
A Chinese national who used to work at Google has been charged with stealing intellectual property from the tech giant...
RATs Spread Via Fake Skype, Zoom, Google Meet Sites
Cybersecurity researchers have uncovered a new cyber-threat involving fraudulent Skype, Google Meet and Zoom websites aimed at spreading malware. The campaign,...
Evasive Panda Targets Tibet With Trojanized Software
A sophisticated cyber-espionage campaign by the China-aligned APT group Evasive Panda (also known as BRONZE HIGHLAND and Daggerfly) has been...
Dropbox Used to Steal Credentials and Bypass MFA in Novel Phishing Campaign
A novel phishing campaign leveraged legitimate Dropbox infrastructure and successfully bypassed multifactor authentication (MFA) protocols, new research from Darktrace has...
UnitedHealth Sets Timeline to Restore Change Healthcare Systems After BlackCat Hit
UnitedHealth Group has published a timeline to restore Change Healthcare’s systems following the BlackCat/ALPHV ransomware attack, which has led to...
Third-Party Breach and Missing MFA Contributed to British Library Cyber-Attack
The British Library ransomware attack was likely caused by the compromise of third-party credentials coupled with no multifactor authentication (MFA)...
NSA Launches Top 10 Cloud Security Mitigation Strategies
As businesses migrate their services to hybrid and multi-cloud environments, cloud misconfigurations and security flaws are becoming critical points of...
Russia’s Midnight Blizzard Accesses Microsoft Source Code
A notorious Russian state-backed APT group has accessed Microsoft source code and internal systems in an ongoing campaign that was...
Telemedicine Business Owner Faces 20 Years For $136m Fraud
A nurse practitioner has pleaded guilty to her role in a massive $136m conspiracy to defraud the US government’s Medicare...
Threat Hunt: Detecting LSASS Memory Dump via ProcDump
Introduction The Local Security Authority Subsystem Service (LSASS) process in Windows systems manages the security policy, writes to the Security...
Threat Hunt: Detecting Excessive File Writes/Modifications with Ransomware Note Extensions
Published Date: 06/03/2024 Introduction Ransomware attacks often involve encrypting files on a victim's system and leaving ransom notes with instructions...
Threat Hunt: Detecting Encoded PowerShell Commands
Published Date: 06/03/2024 Introduction This hunt aims to identify potentially malicious activities involving encoded PowerShell commands. Encoded commands are a...
Weekly Cyber Security Tip – Bolster Your Internet Of Things (IoT) Security
Welcome back to our weekly cyber security tip. This week, we're shining the spotlight on the increasingly high-tech world of...
