Latest Cybersecurity News and Articles
24 May 2024
Siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to a new report by CyberArk.
24 May 2024
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices.
"Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices
24 May 2024
“Through ongoing monitoring and collaboration with cyber authorities, we identified attempts to replace our Viewer 8.3.7 software with a compromised file,” the company said in a statement on Thursday.
24 May 2024
National Cyber Director Harry Coker Jr. said the administration is taking actions to strengthen key critical infrastructure sectors, including healthcare and water utilities, and will pursue additional steps to fight ransomware and boost resilience.
24 May 2024
The threat actor searches for sensitive information related to diplomatic and economic missions, embassies, military operations, political meetings, ministries of targeted countries, and high-ranking officials.
24 May 2024
As of April 2024, the ransomware groups Alphv and LockBit have ceded the top spot to a smaller ransomware group.
24 May 2024
Don't be fooled into thinking that cyber threats are only a problem for large organizations. The truth is that cybercriminals are increasingly targeting smaller businesses, and they're getting smarter every day.
Join our FREE webinar "Navigating the SMB Threat Landscape: Key Insights from Huntress' Threat Report," in which Jamie Levy — Director of Adversary Tactics at Huntress, a renowned
24 May 2024
The Police Service of Northern Ireland (PSNI) is bracing for a hefty £750,000 (~$952k) fine following last year’s data breach. The PSNI data breach saw the exposure of the personal information of approximately 10,000 officers and staff.
24 May 2024
One of them called ORB3/SPACEHOP is described as “a very active network leveraged by multiple China-nexus threat actors, including APT5 and APT15” for reconnaissance and vulnerability exploitationl
24 May 2024
The KeyPlug backdoor has been developed to target both Windows and Linux operative systems and use different protocols to communicate which depend on the configuration of the malware sample itself.
24 May 2024
Bolster, an AI startup, has raised $14 million in funding led by Microsoft's M12 to combat malicious phishing emails. Their flagship product, CheckPhish, offers brand and URL verification services to businesses.
24 May 2024
Introduction
The infamous Colonial pipeline ransomware attack (2021) and SolarWinds supply chain attack (2020) were more than data leaks; they were seismic shifts in cybersecurity. These attacks exposed a critical challenge for Chief Information Security Officers (CISOs): holding their ground while maintaining control over cloud security in the accelerating world of DevOps.
24 May 2024
The cybersecurity business is booming, and cyberattacks are fueling its growth. Global spending on security and risk management is on pace to reach $215 billion this year, up 30% from almost $165 billion in 2022, according to Gartner.
24 May 2024
Google on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild.
Assigned the CVE identifier CVE-2024-5274, the vulnerability relates to a type confusion bug in the V8 JavaScript and WebAssembly engine. It was reported by Clément Lecigne of Google's Threat Analysis Group and Brendon Tiszka of
24 May 2024
Malicious actors have backdoored the installer associated with courtroom video recording software developed by Justice AV Solutions (JAVS) to deliver malware that's associated with a known backdoor called RustDoor.
The software supply chain attack, tracked as CVE-2024-4978, impacts JAVS Viewer v8.3.7, a component of the JAVS Suite 8 that allows users to create, manage, publish,
24 May 2024
Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million.
24 May 2024
Cybersecurity researchers have discovered that the malware known as BLOODALCHEMY used in attacks targeting government organizations in Southern and Southeastern Asia is in fact an updated version of Deed RAT, which is believed to be a successor to ShadowPad.
"The origin of BLOODALCHEMY and Deed RAT is ShadowPad and given the history of ShadowPad being utilized in numerous APT
24 May 2024
The research program will be led by researcher Shahar Avin at the government’s AI Safety Institute and delivered in partnership with UK Research and Innovation and The Alan Turing Institute.
24 May 2024
Development teams need to plan ahead and create shareable SBOMs that are standardized in a format that's readily consumable while also establishing scalable systems for attestation, access management, and data verification, among other factors.
24 May 2024
A politically motivated hacking group aligned with Pakistani interests is matching the Indian military's shift away from the Windows operating system with a heavy focus on malware encoded for Linux.