Ransomware Costs Financial Services $32bn in Five Years
Global financial services organizations have lost over $32bn in downtime since 2018 due to ransomware breaches, a new report has...
News
New Threat Actor Launches Cyber-attacks on Ukraine and Poland
A new threat actor group has been observed conducting a series of cyber-attacks targeting government entities, military organizations and civilian...
LokiBot Malware Targets Windows Users in Office Document Attacks
Windows users have been targeted again by the sophisticated malware known as LokiBot, which is spreading through malicious Office documents. According...
AI Tool WormGPT Enables Convincing Fake Emails For BEC Attacks
A generative AI tool, WormGPT, has emerged as a powerful weapon in the hands of cyber-criminals, specifically for launching business...
Chinese APT Favorite Backdoor Found in Pakistani Government App
Trend Micro has discovered a sample of Shadowpad, a sophisticated backdoor used by various Chinese-sponsored threat actors, in an application...
Thousands of images on Docker Hub leak auth secrets, private keys
Researchers at the RWTH Aachen University in Germany published a study revealing that tens of thousands of container images hosted...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Gamaredon hackers start stealing data 30 minutes after a breach
Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking operates in rapid attacks, stealing data from breached...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
Shutterfly says Clop ransomware attack did not impact customer data
Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months,...
Cyberattacks through Browser Extensions – the Importance of MFA
There are many avenues of attack that a threat actor can take. One that has been increasing in recent years...
AVrecon malware infects 70,000 Linux routers to build botnet
Since at least May 2021, stealthy Linux malware called AVrecon was used to infect over 70,000 Linux-based small office/home office...
Criminal IP and Tines Forge Powerful Tech Alliance
In the fast-paced world of cybersecurity, strategic technical partnerships are crucial for staying ahead of emerging threats. Criminal IP, a...
WordPress AIOS plugin used by 1M sites logged plaintext passwords
The All-In-One Security (AIOS) WordPress security plugin, used by over a million WordPress sites, was found to be logging plaintext...
BreachForums owner Pompompurin pleads guilty to hacking charges
Conor Brian Fitzpatrick, aka Pompompurin, the owner of the notorious BreachForums (aka Breached) hacking forum, has pleaded guilty to hacking...
Genesis Market infrastructure and inventory sold on hacker forum
Image: Bing Create The administrators of the Genesis Market for stolen credentials announced on a hacker forum that they sold...
Colorado State University says data breach impacts students, staff
Colorado State University (CSU) has confirmed that the Clop ransomware operation stole sensitive personal information of current and former students...
Rockwell warns of new APT RCE exploit targeting critical infrastructure
Rockwell Automation says a new remote code execution (RCE) exploit linked to an unnamed Advanced Persistent Threat (APT) group could...
US-CERT Vulnerability Summary for the Week of July 3, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infosem-cms -- semcmsFile Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers...
USB drive malware attacks spiking again in first half of 2023
What's old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first...
Fake Linux vulnerability exploit drops data-stealing malware
​Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux...
Cisco SD-WAN vManage impacted by unauthenticated REST API access
The Cisco SD-WAN vManage management software is impacted by a flaw that allows an unauthenticated, remote attacker to gain read...
Source code for BlackLotus Windows UEFI malware leaked on GitHub
The source code for the BlackLotus UEFI bootkit has leaked online, allowing greater insight into a malware that has caused...
Zimbra urges admins to manually fix zero-day exploited in attacks
Zimbra urged admins today to manually fix a zero-day vulnerability actively exploited to target and compromise Zimbra Collaboration Suite (ZCS)...
