Latest Cybersecurity News and Articles
24 July 2024
APT28-linked hackers have targeted Ukraine's scientific institutions in a cyber-espionage campaign, believed to have ties to the Kremlin-backed group APT28, also known as Fancy Bear and BlueDelta.
24 July 2024
Google has decided to continue supporting third-party cookies, instead proposing a new approach that allows users to opt-in to their Privacy Sandbox. This comes after criticism and regulatory pressure over privacy concerns and competition issues.
24 July 2024
Infoblox revealed a Chinese cybercrime syndicate called Vigorish Viper behind illegal online gambling brands advertised at European football stadiums. The group is linked to online gambling and cyber fraud-related human trafficking in Southeast Asia.
24 July 2024
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week.
"On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques," the company
24 July 2024
Verizon Communications has agreed to pay a $16 million settlement to the FCC for three data breaches at TracFone Wireless, a subsidiary acquired in 2021. TracFone provides services under brands like Total by Verizon Wireless and Straight Talk.
24 July 2024
Spanish police authorities have arrested three suspects connected to the pro-Russian hacker group NoName057(16), known for conducting DDoS attacks against Ukraine and its allies.
24 July 2024
The leak comes from a backup allegedly sold by Conor Fitzpatrick, also known as Pompompurin. Following the seizure of RaidForums in 2022, Fitzpatrick launched BreachForums v1, which was later seized by the FBI and linked to his arrest.
24 July 2024
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza.
Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1).
The high-severity
24 July 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.
The vulnerabilities are listed below -
CVE-2012-4792 (CVSS score: 9.3) - Microsoft Internet Explorer Use-After-Free Vulnerability
CVE-2024-39891 (CVSS score: 5.3) - Twilio Authy Information Disclosure
24 July 2024
A new report analyzes data breach incidents occurring in the first half 2024.
23 July 2024
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its license to sell domains. The warning comes amid the release of new findings that .top was the most common suffix in phishing websites over the past year, second only to domains ending in “.com.”
23 July 2024
Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools.
The campaign is a sign that the group "also engages in internal espionage," Symantec's Threat Hunter Team, part of Broadcom, said in a new report published today. "In the attack on
23 July 2024
An awareness campaign displays fraud data across a range of countries, industries and categories.
23 July 2024
Channels with millions of subscribers, including Times of Ukraine and Real Kyiv, were affected by the hack. Ukrainian broadcaster Suspilne stated that 270 Ukrainian channels were compromised, with hackers spreading false narratives and propaganda.
23 July 2024
FrostyGoop can disrupt industrial processes by altering values on ICS devices. The malware exploited the Modbus protocol to directly affect industrial control systems, posing a significant threat to OT environments globally.
23 July 2024
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack targeting an energy company in the Ukrainian city of Lviv earlier this January.
Industrial cybersecurity firm Dragos has dubbed the malware FrostyGoop, describing it as the first malware strain to directly use Modbus TCP
23 July 2024
RA World’s attack methods, mapped to MITRE ATT&CK, include exploiting vulnerable servers for initial access, using tools like PsExec and Impacket for credential dumping and lateral movement, and executing ransomware payloads in safe mode.
23 July 2024
The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary first-day passwords, which can expose organizations to security risks.
Traditionally, IT departments have been cornered into either sharing passwords in plain text via email or SMS, or arranging in-person meetings to verbally communicate these
23 July 2024
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information.
The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said.
The skimmer is designed to capture all the data into the credit card form on the
23 July 2024
A recent report from Europol indicates that the disruption of ransomware-as-a-service (RaaS) groups is causing a fragmentation of the threat landscape, complicating tracking efforts.