Latest Cybersecurity News and Articles
20 May 2024
All developers want to create secure and dependable software. They should feel proud to release their code with the full confidence they did not introduce any weaknesses or anti-patterns into their applications. Unfortunately, developers are not writing their own code for the most part these days. 96% of all software contains some open-source components, and open-source components make
20 May 2024
The UK government has released guidance to help AI developers and vendors protect their AI models from hacking and potential sabotage, with the goal of transforming this guidance into a global standard to promote security by design in AI systems.
20 May 2024
HP's new report reveals that cybercriminals are increasingly using "cat-phishing" techniques, exploiting open redirects in legitimate websites to deceive users and deliver malware.
20 May 2024
A "multi-faceted campaign" has been observed abusing legitimate services like GitHub and FileZilla to deliver an array of stealer malware and banking trojans such as Atomic (aka AMOS), Vidar, Lumma (aka LummaC2), and Octo by impersonating credible software like 1Password, Bartender 5, and Pixelmator Pro.
"The presence of multiple malware variants suggests a broad cross-platform targeting
20 May 2024
The CISA has issued new guidance to help federal civilian agencies better encrypt their Domain Name System (DNS) traffic as part of a broader effort to improve the security posture of their internal networks and meet a zero trust deadline this fall.
20 May 2024
CISA has added a high-severity vulnerability (CVE-2024-4761) in Chrome's V8 JavaScript engine to its 'Known Exploited Vulnerabilities' catalog, which is being actively exploited.
20 May 2024
The Norwegian NCSC recommends organizations replace SSL VPN/WebVPN solutions with more secure alternatives, like IPsec with IKEv2, by 2025 to prevent breaches from repeated vulnerabilities.
20 May 2024
Cybersecurity researchers have observed a spike in email phishing campaigns starting early March 2024 that delivers Latrodectus, a nascent malware loader believed to be the successor to the IcedID malware.
"These campaigns typically involve a recognizable infection chain involving oversized JavaScript files that utilize WMI's ability to invoke msiexec.exe and install a remotely-hosted MSI
20 May 2024
A concentration of cyber risk and an increase in the exploitation of third-party vulnerabilities may pose a threat to national security and the global economy.
19 May 2024
The U.S. Department of Justice (DoJ) has charged two arrested Chinese nationals for allegedly orchestrating a pig butchering scam that laundered at least $73 million from victims through shell companies.
The individuals, Daren Li, 41, and Yicheng Zhang, 38, were arrested in Atlanta and Los Angeles on April 12 and May 16, respectively.
The foreign nationals have been "charged for leading a scheme
19 May 2024
The threat actors behind the Windows-based Grandoreiro banking trojan have returned in a global campaign since March 2024 following a law enforcement takedown in January.
The large-scale phishing attacks, likely facilitated by other cybercriminals via a malware-as-a-service (MaaS) model, target over 1,500 banks across the world, spanning more than 60 countries in Central and South
18 May 2024
Gomir shares many similarities with GoBear and features direct command and control (C2) communication, persistence mechanisms, and support for executing a wide range of commands.
18 May 2024
Deuterbear, while similar to Waterbear in many ways, shows advancements in capabilities such as including support for shellcode plugins, avoiding handshakes for RAT operation, and using HTTPS for C&C communication.
18 May 2024
The May 2024 campaign, dubbed UNK_SweetSpecter, employs the SugarGh0st RAT, a remote access trojan tailored from the Gh0stRAT. This variant, historically linked to Chinese-speaking threat actors, has now been repurposed to target AI-related entities.
18 May 2024
Researchers with the Slovak cybersecurity firm ESET published a technical analysis on Wednesday of the two backdoors by a suspected Russian threat group, which they named LunarWeb and LunarMail.
18 May 2024
A new Android banking Trojan called "Antidot" is targeting users across multiple regions by mimicking a Google Play update app and incorporating various malicious features like overlay attacks, keylogging, and remote control capabilities.
17 May 2024
The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to exploit arsenal and expand its botnet.
The findings come from cloud security firm Aqua, which described the threat actor as actively orchestrating illicit cryptocurrency mining
17 May 2024
The challenges within the AI supply chain mirror those of the broader software supply chain, with added complexity when integrating large language models (LLMs) or machine learning (ML) models into organizational frameworks.
17 May 2024
The SEC now requires certain financial institutions to have written policies for detecting, addressing, and notifying customers of data breaches involving their personal information.
17 May 2024
A report from Bitsight revealed that UK organizations are taking significantly longer than their European counterparts to remediate software vulnerabilities listed in the US CISA's Known Exploited Vulnerability (KEV) catalog.