New Mockingjay Process Injection Technique Could Let Malware Evade Detection
A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious...
News
New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain
Cybersecurity researchers have discovered a new ongoing campaign aimed at the npm ecosystem that leverages a unique execution chain to...
EncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million Seizure
Europol on Tuesday announced that the takedown of EncroChat in July 2020 led to 6,558 arrests worldwide and the seizure...
Beyond Asset Discovery: How Attack Surface Management Prioritizes Vulnerability Remediation
As the business environment becomes increasingly connected, organizations' attack surfaces continue to expand, making it challenging to map and secure...
Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland
A new Android malware campaign has been observed pushing the Anatsa banking trojan to target banking customers in the U.S.,...
New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks
Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could...
New techniques added to the NCSC’s ‘risk management toolbox’
New techniques added to the NCSC’s ‘risk management toolbox’ It has been 5 years since we last updated our risk...
Suncor Energy cyberattack impacts Petro-Canada gas stations
Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points...
Man charged in US for running ‘Monopoly’ darknet drug market
A 33-year-old man from Serbia has been extradited from Austria to the United States to face charges of running a...
Anatsa Android trojan now steals banking info from users in US, UK
A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the...
Hackers steal data of 45,000 New York City students in MOVEit breach
The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up...
New PindOS JavaScript dropper deploys Bumblebee, IcedID malware
Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with...
Inside Threat Actors: Dark Web Forums vs. Illicit Telegram Communities
The proliferation of cybercrime on the internet has given rise to thousands of criminal communities. These corners of the internet,...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers
In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from...
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of...
Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an...
Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers
Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as...
How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS
Security and IT teams are routinely forced to adopt software before fully understanding the security risks. And AI tools are...
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of...
Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks
The newly discovered Chinese nation-state actor known as Volt Typhoon has been observed to be active in the wild since...
Trojanized Super Mario game used to install Windows malware
Image: iammarcowild A trojanized installer for the popular Super Mario 3: Mario Forever game for Windows has been infecting unsuspecting players with multiple...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
CISA orders agencies to patch iPhone bugs abused in spyware attacks
Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones...
