SIM Box Fraud to Drive 700% Surge in Roaming Scams
The volume of global roaming fraud traffic is set to increase by a staggering 700% over the coming five years...
News
Threat Actor Farnetwork Linked to Five Ransomware Schemes
Security researchers have shared information on a prolific threat actor who has contributed to multiple ransomware-as-a-service (RaaS) programs over the...
Three-Quarters of Retail Ransomware Attacks End in Encryption
The share of global retailers hit by a serious ransomware breach over the past 12 months fell nearly 10 percentage...
Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers
The Singapore-based luxury complex Marina Bay Sands revealed it was hit by a security incident that exposed the personal data...
GootBot Implant Heightens Risk of Post-Infection Ransomware
A “GootBot” implant, a variant of the notorious Gootloader malware, has been discovered by the IBM X-Force team. In an advisory published...
Predator AI ChatGPT Integration Poses Risk to Cloud Services
Cybersecurity researchers at SentinelLabs have uncovered a new Python-based infostealer and hack tool named “Predator AI.”The malicious tool is specifically...
Microsoft Warns of Election Threats in 2024
A new threat intelligence assessment released by Microsoft’s Threat Analysis Center (MTAC) has warned of potential unprecedented challenges to the...
EU Rules for Digital Identities and Trust Services Face Backlash
A proposed update to the EU’s Electronic Identification, Authentication and Trust Services (eIDAS) regulation is facing strong resistance from industry,...
US Urges Critical Infrastructure Firms to Get “Shields Ready”
The US government has launched a new campaign designed to encourage critical infrastructure (CNI) stakeholders to enhance cyber-resilience in their organizations.The...
US-CERT Vulnerability Summary for the Week of October 30, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocontec -- solarview_compact_firmwareAn issue in Contec SolarView Compact v.6.0 and before allows...
Webinar: Kickstarting Your SaaS Security Strategy & Program
SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they...
N. Korea’s BlueNoroff Blamed for Hacking macOS Machines with ObjCShellz Malware
The North Korea-linked nation-state group called BlueNoroff has been attributed to a previously undocumented macOS malware strain dubbed ObjCShellz. Jamf...
Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the...
New GootLoader Malware Variant Evades Detection and Spreads Rapidly
A new variant of the GootLoader malware called GootBot has been found to facilitate lateral movement on compromised systems and...
Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws
Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7...
Offensive and Defensive AI: Let’s Chat(GPT) About It
ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can...
Experts Expose Farnetwork’s Ransomware-as-a-Service Business Model
Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS)...
Confidence in File Upload Security is Alarmingly Low. Why?
Numerous industries—including technology, financial services, energy, healthcare, and government—are rushing to incorporate cloud-based and containerized web applications. The benefits are...
Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now
Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which...
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting...
Migrating to post-quantum cryptography
Migrating to post-quantum cryptography In 2020, the NCSC published a white paper on https://www.ncsc.gov.uk/whitepaper/next-steps-preparing-for-post-quantum-cryptography" target="_self">Preparing for Quantum-Safe Cryptography. This paper...
Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors
Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced...
Cybercrime service bypasses Android security to install malware
A new dropper-as-a-service (DaaS) cybercrime operation named 'SecuriDropper' has emerged, using a method that bypasses the 'Restricted Settings' feature in Android...
QNAP warns of critical command injection flaws in QTS OS, apps
QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system...
