Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon...
News
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain...
Hotel hackers redirect guests to fake Booking.com to steal cards
Security researchers discovered a multi-step information stealing campaign where hackers breach the systems of hotels, booking sites, and travel agencies...
T-Mobile denies new data breach rumors, points to authorized retailer
T-Mobile has denied suffering another data breach following Thursday night reports that a threat actor leaked a large database allegedly...
Crypto firm Nansen asks users to reset passwords after vendor breach
Ethereum blockchain analytics firm Nansen asks a subset of its users to reset passwords following a recent data breach at...
Recently patched Apple, Chrome zero-days exploited in spyware attacks
Security researchers with the Citizen Lab and Google's Threat Analysis Group (TAG) revealed today that three zero-days patched by Apple...
Government of Bermuda links cyberattack to Russian hackers
The Government of British overseas territory Bermuda has linked a cyberattack affecting all its departments' IT systems since Thursday to...
Nigerian man pleads guilty to attempted $6 million BEC email heist
Kosi Goodness Simon-Ebo, a 29-year-old Nigerian national extradited from Canada to the United States last April, pleaded guilty to wire...
Dallas says Royal ransomware breached its network using stolen account
The City of Dallas, Texas, said this week that the Royal ransomware attack that forced it to shut down all...
UK Security Agency Publishes New Crypto Designs
The UK’s National Cyber Security Centre (NCSC) looked to burnish its tech credentials this week with the publication of new...
Apple Patches Three Actively Exploited Zero-Days
Apple has patched three zero-day vulnerabilities it claims may have been actively exploited in the wild on iOS devices.CVE-2023-41991 is...
US Government IT Staffer Arrested on Espionage Charges
A US government contractor working as an IT administrator at the State department is facing a maximum penalty of death...
#mWISE: Why Zero Days Are Set for Highest Year on Record
Will the “hot zero-day summer” we’ve been experiencing in 2023 become the new normal?With 62 zero-day vulnerabilities exploited since January,...
Elusive Sandman APT Targets Telecom Giants With LuaJIT Toolkit
Security researchers at SentinelLabs, in collaboration with QGroup, have unveiled a new threat actor known as Sandman. This unidentified group...
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
The year 2023 has seen a surge of over 700 advertisements on the dark web offering Distributed Denial of Service...
CISA and NFL Collaborate to Secure Super Bowl LVIII
The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Football League (NFL), Allegiant Stadium and Super Bowl...
Ukrainian Hacker Suspected to be Behind “Free Download Manager” Malware Attack
The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its...
Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x...
Mysterious ‘Sandman’ Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunic koation providers...
China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers
China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting...
The Rise of the Malicious App
Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are...
Cyber Group ‘Gold Melody’ Selling Compromised Access to Ransomware Attackers
A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations...
Iranian Nation-State Actor OilRig Targets Israeli Organizations
Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in...
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Thorough, independent tests are a vital resource for analyzing provider's capabilities to guard against increasingly sophisticated threats to their organization....
