Reddit hackers threaten to leak data stolen in February breach
The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen...
cybersecurity
US govt offers $10 million bounty for info on Clop ransomware
The U.S. State Department's Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the...
SMS delivery reports can be used to infer recipient’s location
A team of university researchers has devised a new side-channel attack named 'Freaky Leaky SMS,' which relies on the timing...
Police cracks down on DDoS-for-hire service active since 2013
Polish police officers of the country's Central Bureau for Combating Cybercrime detained two suspects believed to have been involved in...
Millions of Oregon, Louisiana state IDs stolen in MOVEit breach
Louisiana and Oregon warn that millions of driver's licenses were exposed in a data breach after a ransomware gang hacked...
Western Digital boots outdated NAS devices off of My Cloud
Western Digital is warning owners of My Cloud series devices that can no longer connect to cloud services starting on...
The Week in Ransomware – June 16th 2023 – Wave of Extortion
The MOVEit Transfer extortion attacks continue to dominate the news cycle, with the Clop ransomware operation now extorting organizations breached...
Russian hackers use PowerShell USB malware to drop backdoors
The Russian state-sponsored hacking group Gamaredon (aka Armageddon or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence...
Traditional Pen Testing vs. PTaaS with Web Application Security
While traditional penetration testing (pen testing) has long been the go-to method for identifying security gaps in a organization’s network and...
Barracuda ESG zero-day attacks linked to suspected Chinese hackers
A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-theft attacks on Barracuda ESG (Email...
Suspected LockBit ransomware affiliate arrested, charged in US
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit...
Rhysida ransomware leaks documents stolen from Chilean Army
Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents...
Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks, first listing the company's names on...
Android GravityRAT malware now steals your WhatsApp backups
A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices...
MOVEit Transfer customers warned of new flaw as PoC info surfaces
Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi)...
Compliance Automation: Your Audit Experience Before and After
Richard Stevenson, Manager of Cybersecurity Risk Management and Compliance at Drata Automation transforms the audit experience. What was once a...
CISA: LockBit ransomware extorted $91 million in 1,700 U.S. attacks
U.S. and international cybersecurity authorities said in a joint LockBit ransomware advisory that the gang successfully extorted roughly $91 million...
Fake zero-day PoC exploits on GitHub push Windows, Linux malware
Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows...
WannaCry ransomware impersonator targets Russian “Enlisted” FPS players
A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions...
Chinese hackers use DNS-over-HTTPS for Linux malware communication
The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers'...
New ‘Shampoo’ Chromeloader malware pushed via fake warez sites
A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the...
Microsoft links data wiping attacks to new Russian GRU hacking group
Microsoft has linked a threat group it tracks as Cadet Blizzard since April 2023 to Russia’s Main Directorate of the General Staff...
Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default
Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including...
Massive phishing campaign uses 6,000 sites to impersonate 100 brands
A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June...
