Predator: Looking under the hood of Intellexa’s Android spyware
Image: Bing Create Security researchers at Cisco Talos and the Citizen Lab have presented a new technical analysis of the...
cybersecurity
What’s a Double-Blind Password Strategy and When Should It Be Used
Password security, like threat actor methods, continues to evolve. As computing power grows, previously best-practice passwords become increasingly vulnerable. Password...
Barracuda warns of email gateways breached via zero-day flaw
Barracuda, a company known for its email and network security solutions, warned customers today that some of their Email Security...
New PowerExchange malware backdoors Microsoft Exchange servers
A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft...
Iranian hackers use new Moneybird ransomware to attack Israeli orgs
Image: Bing Create A suspected Iranian state-supported threat actor known as 'Agrius' is now deploying a new ransomware strain named...
Hackers target 1.5M WordPress sites with cookie consent plugin exploit
Ongoing attacks are targeting an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in a WordPress cookie consent plugin named Beautiful Cookie...
Chinese hackers breach US critical infrastructure in stealthy attacks
Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United...
GitLab ‘strongly recommends’ patching max severity flaw ASAP
GitLab has released an emergency security update, version 16.0.1, to address a maximum severity (CVSS v3.1 score: 10.0) path traversal...
Cuba ransomware claims cyberattack on Philadelphia Inquirer
The Cuba ransomware gang has claimed responsibility for this month's cyberattack on The Philadelphia Inquirer, which temporarily disrupted the newspaper's...
Arms maker Rheinmetall confirms BlackBasta ransomware attack
German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business....
GoldenJackal state hackers silently attacking govts since 2019
Image: Bing Create A relatively unknown advanced persistent threat (APT) group named 'GoldenJackal' has been targeting government and diplomatic entities...
New AhRat Android malware hidden in app with 50,000 installs
Image: Bing Image Creator ESET malware researchers found a new remote access trojan (RAT) on the Google Play Store, hidden...
IT employee impersonates ransomware gang to extort employer
A 28-year-old United Kingdom man from Fleetwood, Hertfordshire, has been convicted of unauthorized computer access with criminal intent and blackmailing...
US sanctions orgs behind North Korea’s ‘illicit’ IT worker army
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against four entities and one individual for their...
Crypto phishing service Inferno Drainer defrauds thousands of victims
A cryptocurrency phishing and scam service called 'Inferno Drainer' has reportedly stolen over $5.9 million worth of crypto from 4,888...
CISA orders govt agencies to patch iPhone bugs exploited in attacks
Today, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) ordered federal agencies to address three recently patched zero-day flaws affecting iPhones,...
Malicious Windows kernel drivers used in BlackCat ransomware attacks
The ALPHV ransomware group (aka BlackCat) was observed employing signed malicious Windows kernel drivers to evade detection by security software...
An AI-based Chrome Extension Against Phishing, Malware, and Ransomware
The Anti-Phishing Council has reported an increase in phishing reports and URLs, particularly targeting financial institutions. Despite using evasive techniques,...
Pentagon explosion hoax goes viral after verified Twitter accounts push
Highly realistic AI-generated images depicting an explosion near the Pentagon that went viral on Twitter caused the stock market to...
Google will delete accounts inactive for more than 2 years
Google has updated its policy for personal accounts across its services to allow a maximum period of inactivity of two...
Android phones are vulnerable to fingerprint brute-force attacks
Researchers at Tencent Labs and Zhejiang University have presented a new attack called 'BrutePrint,' which brute-forces fingerprints on modern smartphones...
npm packages caught serving TurkoRAT binaries that mimic NodeJS
Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead...
Cloned CapCut websites push information stealing malware
A new malware distribution campaign is underway impersonating the CapCut video editing tool to push various malware strains to unsuspecting...
PyPI temporarily pauses new users, projects amid high volume of malware
PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new...
