Latest Cybersecurity News and Articles
06 May 2024
The German and Czech governments have publicly disclosed that Russian military intelligence hackers, known as APT28, have been involved in an espionage campaign targeting political parties and critical infrastructure in both countries.
06 May 2024
An analysis of more than 40 million exposures provides a view the current exposure landscape, revealing 80% are driven by misconfigurations.
06 May 2024
Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target's traffic off of the protection provided by their VPN without triggering any alerts to the user.
06 May 2024
More than 50% of the 90,310 hosts have been found exposing a Tinyproxy service on the internet that's vulnerable to a critical unpatched security flaw in the HTTP/HTTPS proxy tool.
The issue, tracked as CVE-2023-49606, carries a CVSS score of 9.8 out of a maximum of 10, per Cisco Talos, which described it as a use-after-free bug impacting versions 1.10.0 and 1.11.1, which is the
06 May 2024
The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys.
Dubbed ArcaneDoor, the activity is said to have commenced around July 2023, with the first confirmed attack against an unnamed victim
06 May 2024
The median time to patch bugs listed in the CISA's Known Exploited Vulnerabilities (KEV) catalog is 174 days, compared to 621 days for non-KEV vulnerabilities, according to an analysis by Bitsight.
06 May 2024
Finland's Transport and Communications Agency (Traficom) highlighted multiple cases of SMS messages written in Finnish that instruct recipients to call a number. The scammer answers the call instructs victims to install a McAfee app for protection.
06 May 2024
Ransom recovery costs have surged, with the average payment reaching $2 million, a 500% increase from the previous year. Excluding ransoms, the average cost of recovery has risen to $2.73 million, up by almost $1 million, according to Sophos.
06 May 2024
Law enforcement authorities seized the Lockbit group's Tor website again and they plan to reveal the identities of the LockBitSupps and other gang members on May 7, 2024.
06 May 2024
Cybercriminals are vipers. They’re like snakes in the grass, hiding behind their keyboards, waiting to strike. And if you're a small- and medium-sized business (SMB), your organization is the ideal lair for these serpents to slither into.
With cybercriminals becoming more sophisticated, SMBs like you must do more to protect themselves. But at what price? That’s the daunting question
06 May 2024
The Israeli startup founded in 2022 by Or Eshed and David Weisbrot has raised $26 million in Series A funding. This round, led by Glilot+ and with participation from Dell Technologies Capital, brings LayerX's total investment to $34 million.
06 May 2024
Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android.
"The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system privileges, [and] disclosure of phone, settings and Xiaomi account data," mobile security firm
06 May 2024
The Cybersecurity and Infrastructure Security Agency sent out alerts to critical infrastructure sectors, with only 852 organizations responding by patching, implementing controls, or taking devices offline.
06 May 2024
Passkeys are gaining widespread adoption as an alternative to traditional passwords for digital authentication. Major tech companies like Microsoft, Google, and Bitwarden have recently expanded support for passkeys.
06 May 2024
The criminal network was responsible for defrauding thousands of victims through fake police calls, investment fraud, or romance scams, Europol said. Scam callers posed as victims’ close relatives, bank employees, customer service, or police.
06 May 2024
Trend Micro researchers revealed that the botnet, primarily operating through compromised Ubiquiti EdgeRouters, is used for various malicious activities such as credential harvesting, proxying network traffic, and hosting phishing landing pages.
06 May 2024
Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware.
Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and Arm-based Macs.
The exact distribution vector is currently unclear, although there are
06 May 2024
Crypto recovery scams involve fraudsters who offer to help victims recover stolen cryptocurrency in exchange for an upfront fee, but instead, they disappear after payment.
04 May 2024
Czechia and Germany on Friday revealed that they were the target of a long-term cyber espionage campaign conducted by the Russia-linked nation-state actor known as APT28, drawing condemnation from the European Union (E.U.), the North Atlantic Treaty Organization (NATO), the U.K., and the U.S.
The Czech Republic's Ministry of Foreign Affairs (MFA), in a statement, said some unnamed
04 May 2024
These hackers are employing sophisticated phishing techniques to distribute malicious software and target financial theft, with incidents steadily increasing over the past two years.