Latest Cybersecurity News and Articles
24 May 2024
Security experts from SlashNext have reported a 341% increase in malicious phishing links, business email compromise (BEC), QR code, and attachment-based threats in the past six months.
24 May 2024
Hacktivist operations are using leaked ransomware builders to launch attacks on critical infrastructure in the Philippines — part of a trend among politically motivated groups who are increasingly trying to disrupt life in the Southeast Asian nation.
24 May 2024
A top Microsoft executive will testify next month before the House Committee on Homeland Security on recent cyberattacks that impacted the company and its customers, and Microsoft’s revitalized security strategy.
24 May 2024
SOCRadar announced the successful completion of its Series B funding round, raising $25.2 million. The round was led by PeakSpan Capital, with participation from Oxx, reflecting investor confidence in SOCRadar’s innovative approach to cybersecurity.
24 May 2024
Malicious actors are utilizing overdue invoice lures, open redirects and LotL tactics in order to bypass cybersecurity defenses.
23 May 2024
Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.
23 May 2024
Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed.
"Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and vulnerabilities, making them a lucrative and highly effective target for threat actors to abuse,"
23 May 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2020-17519, the issue relates to a case of improper access control that
23 May 2024
Around 16 different independent hacktivist groups are targeting Indian elections, including Anon Black Flag Indonesia, Anonymous Bangladesh, and Morocco Black Cyber Army, among others.
23 May 2024
Bitdefender researchers who discovered the threat group report that its operations align with Chinese geo-political interests, focusing on intelligence collection and espionage.
23 May 2024
Microsoft's new automatic screenshot retrieval feature could enable hackers to steal sensitive information such as online banking credentials, security experts warned. Additionally, the U.K ICO will probe Recall for compliance with privacy law.
23 May 2024
This campaign, active since at least 2021, has targeted over 30 victims in various countries, primarily in Africa and the Middle East, with government agencies being the main victims.
23 May 2024
The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign.
"The campaign adopts Cobalt Strike Beacon as the payload, enabling backdoor functionalities like C2 communication and command execution while minimizing the exposure of their custom tools," Check Point
23 May 2024
Much of the testimony – and concerns raised by the committee – focused on the AI advantages for cybercriminals and nation-state actors, advantages that cybersecurity officials say must be countered by increasingly building AI into products.
23 May 2024
Delivered via a phishing email attachment, the malicious file makes use of the hidden right-to-left override (RLO) Unicode character (U+202E) to reverse the order of the characters that come after that character in the string.
23 May 2024
According to Arctic Wolf, 66% of organizations that suffered a data breach in the last year chose to publicly disclose information regarding their incidents, while 30% only disclosed their breaches to impacted parties.
23 May 2024
pcTattletale allows remote monitoring of Android or Windows devices and their data. The app claims to run invisibly in the background, undetectable on the target’s workstation.
23 May 2024
The joint Snowflake and Anvilogic solution would lead to reduced costs — on the order of 50% to 80%, the companies claim — and will eventually replace legacy SIEM platforms, argues Karthik Kannan, CEO of Anvilogic.
23 May 2024
An investigation by the EPA reveals that a majority of water systems do not meet compliance standards. Security leaders are sharing their thoughts.
23 May 2024
According to a recent cybersecurity incident report, nearly 90% of organizations suffer damage before containing and investigating incidents.