Latest Cybersecurity News and Articles


LabHost Cybercrime Service Lets Anyone Phish Canadian Bank Users

28 February 2024
LabHost offers three membership tiers targeting banks and online services, along with a real-time phishing management tool called LabRat that enables cybercriminals to steal 2FA protection.

Malicious Code in Tornado Cash Governance Proposal Puts User Funds at Risk

28 February 2024
The compromise was introduced via a governance proposal, and the Tornado Cash Developers confirmed the compromise, urging users to withdraw old deposit notes and token holders to cancel their votes for the malicious proposal.

TimbreStealer Campaign Targets Mexican Users with Financial Lures

28 February 2024
The malware comes with embedded modules for orchestration, decryption, and protection, while also conducting checks to avoid sandbox environments and targeting specific industries like manufacturing and transportation sectors.

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

28 February 2024
Organizations are urged to perform a hardware factory reset, upgrade firmware, change default credentials, and implement firewall rules to protect against the MooBot attacks.

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

28 February 2024
The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator's

US Agencies Warn of ALPHV/Blackcat Ransomware Threat to Healthcare Providers

28 February 2024
ALPHV/Blackcat ransomware affiliates use advanced social engineering techniques and open-source research to gain initial access to victim networks, posing as IT or helpdesk staff to obtain credentials.

Russia and Belarus Targeted by at Least 14 Nation-State Hacker Groups, Researchers Say

28 February 2024
State-sponsored hacker groups targeted Russia and former Soviet Union members with destructive or espionage campaigns, indicating an increase in politically motivated cyber attacks in the region.

Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data

28 February 2024
In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a transformative webinar where we unveil Twilio Segment's state-of-the-art CDP.

Germany's Hessen Consumer Center Says Systems Encrypted by Ransomware

28 February 2024
The organization is working with external IT security experts to restore its communication channels and is committed to informing affected individuals if a data compromise is confirmed.

Enterprises’ Progress in Digital Trust Implementation is Far From Great

28 February 2024
Enterprises face challenges in managing the complexity of digital trust in a rapidly evolving technology landscape, which impacts their ability to protect digital assets.

Pharmaceutical Giant Cencora Says Data was Stolen in a Cyberattack

28 February 2024
The company has initiated containment measures, enlisted the help of law enforcement and cybersecurity experts, and is currently investigating the incident, with no confirmation yet on the impact to their finances or operations.

Meta to Assign Special Teams in Europe to Fight Election Disinformation, AI Abuse

28 February 2024
The company plans to set up a team in Europe to identify and mitigate election-related threats on its platforms in real time. It will also expand its fact-checking network with new partners in Bulgaria, France, and Slovakia.

Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management

28 February 2024
Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users. There’s a company aiming to fix the gap between traditional PAM and IdM

WordPress LiteSpeed Plugin Vulnerability Puts Five Million Sites at Risk

28 February 2024
A security vulnerability (CVE-2023-40000) in the LiteSpeed Cache plugin for WordPress allowed unauthenticated users to escalate their privileges, posing a significant risk to over five million installations.

Unmanaged Third-Party Access Threatens OT Environments

28 February 2024
The increased connectivity between IT and OT systems, along with the rise in third-party access, introduces serious new risks that can leave organizations exposed to safety and security threats if access and connectivity are not properly controlled.

Akira Ransomware Group Threatens to Leak Stolen Data from Swedish Municipality

28 February 2024
The notorious Akira ransomware group has targeted the municipality of Bjuv in South Sweden, threatening to leak nearly 200GB of stolen data, including confidential documents and personal HR files.

CFOs Take Backseat to CISOs on SEC Cyber Rules

28 February 2024
Corporate finance chiefs are less involved in SEC cybersecurity breach disclosure processes compared to chief information security officers, potentially leading to decision-making mistakes.

Using AI to Reduce False Positives in Secrets Scanners

28 February 2024
Identifying and securing secrets in code is challenging due to the wide variety of secret types, but AI and ML can reduce false positives by as much as 86%, improving risk prioritization.

medQ Confirms Data Breach After Software Encryption Incident

28 February 2024
The data breach occurred when an unauthorized party encrypted software used by medQ and hosted by a third-party data center, resulting in the exposure of confidential consumer data.

Online Travelers at Risk: Agent Tesla Malware Attacks Travel Industry

28 February 2024
Malware campaigns are evolving, using email attachments to deliver RAT infections, as demonstrated by the example of a PDF attachment impersonating Booking.com to lure victims.