Latest Cybersecurity News and Articles
03 September 2024
Recent investigations reveal that the BlackByte ransomware group is deploying techniques that vary from its typical methods.
03 September 2024
Researchers have traced the new ManticoraLoader malware-as-a-service (MaaS) to the cybercriminal group 'DarkBLUP,' previously associated with distributing AresLoader and AiDLocker ransomware from the DeadXInject group.
03 September 2024
Security researchers discovered a SQL injection vulnerability in FlyCASS, a third-party web service used by airlines to manage the Known Crewmember (KCM) program and the Cockpit Access Security System (CASS).
03 September 2024
Mobile users in Brazil are the target of a new malware campaign that delivers a new Android banking trojan named Rocinante.
"This malware family is capable of performing keylogging using the Accessibility Service, and is also able to steal PII from its victims using phishing screens posing as different banks," Dutch security company ThreatFabric said.
"Finally, it can use all this exfiltrated
03 September 2024
A North Korean APT used a Google Chrome zero-day flaw, CVE-2024-7971, to deploy the FudModule rootkit. Microsoft researchers linked these attacks to Citrine Sleet (AppleJeus, Labyrinth Chollima, UNC4736, or Hidden Cobra) with medium confidence.
03 September 2024
Roblox developers are being targeted by a new malicious npm campaign. Cybercriminals have created fake Roblox npm packages with the aim of deploying a remote access trojan called Quasar.
03 September 2024
The malicious DLL implant for the Cobalt Strike attack toolkit gets injected into the Windows binary "runonce.exe," giving total control to the attackers. The campaign further deploys various malicious tools for reconnaissance and data exfiltration.
03 September 2024
In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very tools we use to collaborate every day?
A Single Secret Can Wreak Havoc
Imagine this: It's a typical Tuesday in June 2024. Your dev team is knee-deep in sprints, Jira tickets are flying, and Slack is
03 September 2024
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework.
"If successful, the adversary could gain any privileges already granted to the affected
02 September 2024
A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer.
Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud.
He was
02 September 2024
Three men in the United Kingdom have pleaded guilty to operating otp[.]agency, a once popular online service that helped attackers intercept the one-time passcodes (OTPs) that many websites require as a second authentication factor in addition to passwords.
Launched in November 2019, OTP Agency was a service for intercepting one-time passwords needed to log in to various websites. Scammers would enter the target’s phone number and name, and the service would initiate an automated phone call to the target that alerts them about unauthorized activity on their account.
02 September 2024
Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said.
The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services,
02 September 2024
A Forescout report highlighted a 43% increase in published vulnerabilities, with 23,668 reported in H1 2024. Ransomware attacks also rose by 6%, totaling 3,085 incidents, with the U.S. being the most targeted country.
02 September 2024
The group behind Cicada3301 has been recruiting affiliates on cybercrime forums since June. It is speculated that Cicada3301 could be related to the now-defunct ALPHV group, as both ransomware share similarities.
02 September 2024
A recent cybersecurity report found that 98% of organizations attacked by bots in the past year lost revenue as a result.
02 September 2024
Security leaders discuss a vulnerability in Microsoft 365 Copilot that was recently patched.
02 September 2024
Backers included BackingMinds, in combination with industry veterans such as Jesper Zerlang (ex-CEO of Logpoint), Lars Ankjer, Otto Krabbe, Rolf Bladt, and several angels and key employees.
02 September 2024
GreenCharlie attackers use dynamic DNS providers to register domains for phishing attacks, with deceptive themes like cloud services and document visualization to trick victims into revealing sensitive information or downloading malware payloads.
02 September 2024
Sinon is an open-source tool designed to automate the burn-in process of Windows-based deception hosts. It simplifies the orchestration of deception hosts at scale by incorporating generative capabilities to introduce diversity and randomness.
02 September 2024
A fake Palo Alto GlobalProtect VPN access tool is being used as bait by threat actors targeting Middle Eastern organizations. The malware, disguised as a legitimate tool, can steal data and execute remote commands to infiltrate networks further.