Suspected LockBit ransomware affiliate arrested, charged in US
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit...
cybersecurity
Rhysida ransomware leaks documents stolen from Chilean Army
Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents...
Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks, first listing the company's names on...
MOVEit Transfer customers warned of new flaw as PoC info surfaces
Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi)...
Compliance Automation: Your Audit Experience Before and After
Richard Stevenson, Manager of Cybersecurity Risk Management and Compliance at Drata Automation transforms the audit experience. What was once a...
CISA: LockBit ransomware extorted $91 million in 1,700 U.S. attacks
U.S. and international cybersecurity authorities said in a joint LockBit ransomware advisory that the gang successfully extorted roughly $91 million...
Fake zero-day PoC exploits on GitHub push Windows, Linux malware
Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows...
WannaCry ransomware impersonator targets Russian “Enlisted” FPS players
A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions...
Chinese hackers use DNS-over-HTTPS for Linux malware communication
The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers'...
New ‘Shampoo’ Chromeloader malware pushed via fake warez sites
A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the...
Microsoft links data wiping attacks to new Russian GRU hacking group
Microsoft has linked a threat group it tracks as Cadet Blizzard since April 2023 to Russia’s Main Directorate of the General Staff...
Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default
Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including...
Massive phishing campaign uses 6,000 sites to impersonate 100 brands
A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June...
Blink Copilot Brings Generative AI to Security Automation
Imagine if all you needed to do to turn a security policy into an enforced workflow was type it out...
RDP honeypot targeted 3.5 million times in brute-force attacks
Remote desktop connections are so powerful a magnet for hackers that an exposed connection can average more than 37,000 times...
Chinese hackers used VMware ESXi zero-day to backdoor VMs
VMware patched today a VMware ESXi zero-day vulnerability exploited by a Chinese-sponsored hacking group to backdoor Windows and Linux virtual...
Pirated Windows 10 ISOs install clipper malware via EFI partitions
Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade...
CISA orders federal agencies to secure Internet-exposed network devices
CISA issued this year's first binding operational directive (BOD) ordering federal civilian agencies to secure misconfigured or Internet-exposed networking equipment...
Bulletproof hoster gets 3 years for pushing Urfsnif, Zeus malware
Romanian national Mihai Ionut Paunescu, aka "Virus," was sentenced to three years in prison by a Manhattan federal court for...
WordPress Stripe payment plugin bug leaks customer order details
The WooCommerce Stripe Gateway plugin for WordPress was found to be vulnerable to a bug that allows any unauthenticated user...
Fortinet: New FortiOS RCE bug “may have been exploited” in attacks
Fortinet says a critical FortiOS SSL VPN vulnerability that was patched last week "may have been exploited" in attacks impacting...
Exploit released for MOVEit RCE bug used in data theft attacks
Horizon3 security researchers have released proof-of-concept (PoC) exploit code for a remote code execution (RCE) bug in the MOVEit Transfer...
Swiss government warns of ongoing DDoS attacks, data leak
The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while...
Have I Been Pwned warns of new Zacks data breach impacting 8 million
Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database...
