The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply...
The threat actors behind a new ransomware group called Hunters International have acquired the source code and infrastructure from the now-dismantled Hive...
Cybersecurity researchers have discovered what they say is malicious cyber activity orchestrated by two prominent Chinese nation-state hacking groups targeting 24 Cambodian...
Cybersecurity researchers have warned about a Windows version of a wiper malware that was previously observed targeting Linux systems in cyber attacks...
A sub-cluster within the infamous Lazarus Group has established new infrastructure that impersonates skills assessment portals as part of its social engineering...
Living-off-the-land (LotL) techniques in cyber attacks refer to the use of legitimate, native tools already present in the target system to carry...
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October...
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that’s deployed following the successful exploitation of a recently disclosed security flaw in...
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid...
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering...
While intended for convenience and efficient communication, email auto-forwarding rules can inadvertently lead to the unauthorized dissemination of sensitive information to external...
Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel. “The...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its...
Kubernetes has become the de facto orchestration platform for managing containerized applications, but with its widespread adoption, the security of Kubernetes clusters...
Download the free guide, “It’s a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI...
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over...
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and evade detection....
Numerous industries—including technology, financial services, energy, healthcare, and government—are rushing to incorporate cloud-based and containerized web applications. The benefits are undeniable; however,...
ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT,...
Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks
CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks
Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.
200+ Malicious Android Apps Targeting Iranian Banks: Experts Warn
Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions
DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software
GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability
Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability
Transform Your Data Security Posture – Learn from SoFi’s DSPM Success
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
How Hackers Phish for Your Users’ Credentials and Sell Them
Hackers Can Exploit ‘Forced Authentication’ to Steal Windows NTLM Tokens
How to Handle Retail SaaS Security on Cyber Monday
New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches