New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
News
Ransomware Review January 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
2024 State Of Ransomware In Education 92 Spike In K 12 Attacks
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Nitrogen Shelling Malware From Hacked Sites
Nitrogen is the name given to a campaign and associated malware that have been distributed via malicious search ads. Its...
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
Malicious Ads For Restricted Messaging Applications Target Chinese Users
An ongoing campaign of malicious ads has been targeting Chinese-speaking users with lures for popular messaging applications such as Telegram...
Why the Right Metrics Matter When it Comes to Vulnerability Management
How's your vulnerability management program doing? Is it effective? A success? Let's be honest, without the right metrics or analytics,...
HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the...
U.S. Feds Shut Down China-Linked “KV-Botnet” Targeting SOHO Routers
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and...
CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and...
Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat...
Unleashing the power of cloud with containerisation
Unleashing the power of cloud with containerisation One question that the NCSC is often asked, is whether to use containers...
Cisa Warns Of Patched Iphone Kernel Bug Now Exploited In Attacks
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively...
Exploit Released For Android Local Elevation Flaw Impacting 7 Oems
A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is...
Fbi Disrupts Chinese Botnet By Wiping Malware From Infected Routers
The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting...
Europcar Denies Data Breach Of 50 Million Users Says Data Is Fake
Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after...
Cisa Vendors Must Secure Soho Routers Against Volt Typhoon Attacks
CISA has urged manufacturers of small office/home office (SOHO) routers to ensure their devices' security against ongoing attacks attempting to hijack...
Ivanti Warns Of New Connect Secure Zero Day Exploited In Attacks
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day...
Hackers Push Usb Malware Payloads Via News Media Hosting Sites
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub,...
Johnson Controls Says Ransomware Attack Cost 27 Million Data Stolen
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led...
City Cyber Taskforce Launches to Secure Corporate Finance
Two of the UK’s leading accounting and security bodies are teaming up with others to launch a new taskforce today...
US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity
The US government has announced sanctions against two Egyptian IT experts for providing cybersecurity support and training to the terrorist...
Citibank Sued For Failing to Protect Fraud Victims
New York’s attorney general, Letitia James, yesterday launched legal action against one of America’s biggest banks for allegedly failing to...
US Senators Propose Cybersecurity Agriculture Bill
A new bipartisan bill proposed by two US Senators looks to bolster the cybersecurity of the food and agriculture sector....
