Researchers Expose Space Pirates’ Cyber Campaign Across Russia and Serbia
The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and...
News
European Bank Customers Targeted in SpyNote Android Trojan Campaign
Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an...
What is Data Security Posture Management (DSPM)?
Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct...
China’s APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in...
Ongoing STARK#MULE Attack Campaign Discovered
Security researchers have uncovered an ongoing attack campaign dubbed STARK#MULE, which employs US military-related documents as lures to deliver malware...
CISA: New Submarine Backdoor Used in Barracuda Campaign
A Chinese threat actor that compromised federal networks by targeting Barracuda security appliances did so in part thanks to a...
APT31 Implants Target Industrial Organizations
Cybersecurity researchers have uncovered crucial insights into the tactics, techniques and procedures (TTPs) employed by the threat actor APT31 (also known...
Biden Announces National Cyber Workforce and Education Strategy
Against a backdrop of global cybersecurity workforce gap of 3.4 million people, the White House today announced its new National...
SpyNote Android Spyware Strikes Financial Institutions
The Android spyware known as SpyNote has been targeting financial institutions since late 2022 while expanding its capabilities to carry...
UK Military Embraces Security by Design
The UK’s Ministry of Defence (MoD) has launched its Secure by Design initiative, which is to transform how cybersecurity is...
Israel’s largest oil refinery website offline after DDoS attack
Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have...
Hackers steal Signal, WhatsApp user data with fake Android chat app
Hackers are using a fake Android app named 'SafeChat' to infect devices with spyware malware that steals call logs, texts,...
Canon warns of Wi-Fi security risks when discarding inkjet printers
Canon is warning users of home, office, and large format inkjet printers that their Wi-Fi connection settings stored in the...
P2PInfect server botnet spreads using Redis replication feature
Threat actors are actively targeting exposed instances of SSH and Redis Redis open-source data store with a peer-to-peer self-replicating worm...
Google: Android patch gap makes n-days as dangerous as zero-days
Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in...
Hackers exploit BleedingPipe RCE to target Minecraft servers, players
Hackers are actively exploiting a 'BleedingPipe' remote code execution vulnerability in Minecraft mods to run malicious commands on servers and...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods
The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and...
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China...
AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service
More details have emerged about a botnet called AVRecon, which has been observed making use of compromised small office/home office...
Webinar: Riding the vCISO Wave: How to Provide vCISO Services
Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses...
Hackers Deploy “SUBMARINE” Backdoor in Barracuda Email Security Gateway Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday disclosed details of a "novel persistent backdoor" called SUBMARINE deployed...
IcedID Malware Adapts and Expands Threat with Updated BackConnect Module
The threat actors linked to the malware loader known as IcedID have made updates to the BackConnect (BC) module that's...
RFP Template for Browser Security
Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. A group...
