Pikabot Distributed Via Malicious Ads
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
News
Atomic Stealer Rings In The New Year With Updated Version
Last year, we documented malware distribution campaigns both via malvertising and compromised sites delivering Atomic Stealer (AMOS) onto Mac users....
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Atomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted Payload
Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat...
There is a Ransomware Armageddon Coming for Us All
Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising...
Active Exploitation of Zero Day Vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways
Ivanti has disclosed two zero-day vulnerabilities (CVE-2023-46805 and CVE-2024-21887) that are being actively exploited. The vulnerabilities are:- CVE-2023-46805: Successful exploitation of...
Mandiant’s X Account Was Hacked Using Brute-Force Attack
The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing...
Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure
A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked...
Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software
Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to...
Fidelity National Financial Hackers Stole Data Of 13 Million People
Fidelity National Financial (FNF) has confirmed that a November cyberattack (claimed by the BlackCat ransomware gang) has exposed the data...
Shinyhunters Member Gets 3 Years In Prison For Breaching 60 Firms
The U.S. District Court in Seattle sentenced ShinyHunters member Sebastien Raoult to three years in prison and ordered a restitution...
Pro Ukraine Hackers Breach Russian Isp In Revenge For Kyivstar Attack
A pro-Ukraine hacktivist group named ‘Blackjack’ has claimed a cyberattack against Russian provider of internet services M9com as a direct...
Windows 10 Kb5034441 Security Update Fails With 0x80070643 Errors
Windows 10 users worldwide report problems installing Microsoft's January Patch Tuesday updates, getting 0x80070643 errors when attempting to install the...
Mandiants X Account Hacked By Crypto Drainer As A Service Gang
Cybersecurity firm and Google subsidiary Mandiant says its Twitter/X account was hijacked last week by a Drainer-as-a-Service (DaaS) gang in what it...
Ivanti Warns Of Connect Secure Zero Days Exploited In Attacks
Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers...
Cisco Says Critical Unity Connection Bug Lets Attackers Get Root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched...
Fake 401k Year End Statements Used To Steal Corporate Credentials
Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports...
Ukrainian “Blackjack” Hackers Take Out Russian ISP
A hacking group linked to Ukraine’s main spy agency the SBU has launched a destructive cyber-attack against a Moscow ISP...
Microsoft Fixes 12 RCE Bugs in January Patch Tuesday
Microsoft has begun the year with patches for a near-half century of CVEs, although there were no zero-day bugs addressed...
Cyber Insecurity and Misinformation Top WEF Global Risk List
The latest World Economic Forum Global Risks Report 2024 highlighted the rising tide of cyber threats and places misinformation and...
Cyber Insurance Market to be Worth Over $90bn by 2033
The global cyber insurance market is projected to be worth $90.6bn by 2033, at a growth rate of 22.3% CAGR...
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over
Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to...
Only 4% of US States Fully Prepared for Cyber-Attacks Targeting Elections
Read more about cyber-threats to the 2024 US elections: Can We Protect the Ballot Box? Global Guide to Election Cyber...
Jan 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.The vulnerabilities that have been classified as...
