Latest Cybersecurity News and Articles
19 March 2024
Russian hackers launched an electronic warfare attack that disabled the GPS and communications systems of UK Defence Secretary Grant Shapps' RAF Dassault Falcon 900 jet while flying near Kaliningrad.
19 March 2024
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT.
Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu.
"The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT’s typical delivery mechanism by leveraging OLE (Object
19 March 2024
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced.
Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized
18 March 2024
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information.
Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky.
"The malware payloads used in the DEEP#GOSU represent a
18 March 2024
An announcement published late last week on the firm's news portal discloses a major cybersecurity incident that has compromised systems and data, including sensitive information of customers.
18 March 2024
The NCSC released guidance for operational technology (OT) organizations on migrating their SCADA systems to the cloud. This guidance aims to help organizations assess the benefits and risks of cloud-hosted SCADA to make informed decisions.
18 March 2024
A new report highlights new and continuing threat trends that security leaders must prepare to face in the coming years.
18 March 2024
This campaign is noteworthy as it uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website.
18 March 2024
Charles Henderson was hired as EVP of Cyber Security at Coalfire with experience in threat intelligence, incident response and penetration testing.
18 March 2024
Researchers have demonstrated a new acoustic side-channel attack on keyboards that can deduce user input based on their typing patterns, even in poor conditions, such as environments with noise.
18 March 2024
The victims were lured into slavery with false job offers and were forced to adopt fake identities to extract money from their victims through promises of cryptocurrency wins, investments, and romance.
18 March 2024
The APT campaign targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa. It exploits public-facing servers and sends spear-phishing emails to deliver backdoors.
18 March 2024
Moldovan national Sandu Boris Diaconu was sentenced to 42 months in federal prison for operating the E-Root cybercrime marketplace, which facilitated the sale of compromised computer credentials.
18 March 2024
MediaWorks, a company based in New Zealand, says it is investigating an alleged security incident after a hacker claimed to have stolen the data of just over 2.4 million people and began targeting individuals for extortion payments.
18 March 2024
Historical domain registration records suggest that the founder of Onerep, Dimitri Shelest, has been involved in numerous people-search services, indicating potential conflicts of interest.
18 March 2024
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers.
Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10.
"A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow
18 March 2024
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft.
"It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs
18 March 2024
Concerns are especially high in the public sector, with 87% worrying about employee email and social media lapses damaging their institutions, according to a Mimecast report.
18 March 2024
Multiple GitHub repositories were hosting cracked software designed to deliver the RisePro info-stealer, indicating a widespread campaign to distribute the malware. The repositories were taken down by GitHub, and all used the same download link.
18 March 2024
The hub offers a centralized repository of essential resources and expertise, sourced from federal agencies, industry partners, academia, and the private sector, to enhance the cybersecurity posture of Emergency Communications Centers (ECCs).