Barracuda ESG zero-day attacks linked to suspected Chinese hackers
A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-theft attacks on Barracuda ESG (Email...
News
Android GravityRAT malware now steals your WhatsApp backups
A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices...
Suspected LockBit ransomware affiliate arrested, charged in US
Russian national Ruslan Magomedovich Astamirov was arrested in Arizona and charged by the U.S. Justice Department for allegedly deploying LockBit...
Rhysida ransomware leaks documents stolen from Chilean Army
Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents...
Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks, first listing the company's names on...
MOVEit Transfer customers warned of new flaw as PoC info surfaces
Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi)...
Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack
Progress Software on Thursday disclosed a third vulnerability impacting its MOVEit Transfer application, as the Cl0p cybercrime gang deployed extortion...
US-CERT Vulnerability Summary for the Week of June 5, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new findings...
Chinese UNC4841 Group Exploits Zero-Day Flaw in Barracuda Email Security Gateway
A suspected China-nexus threat actor dubbed UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in...
New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT
The revolutionary technology of GenAI tools, such as ChatGPT, has brought significant risks to organizations' sensitive data. But what do...
Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files
An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and...
New Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
In what's a new kind of software supply chain attack aimed at open source projects, it has emerged that threat...
Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities
The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal...
Where from, Where to — The Evolution of Network Security
For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone...
New Report Reveals Shuckworm’s Long-Running Intrusions on Ukrainian Organizations
The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to...
Microsoft Warns of New Russian State-Sponsored Hacker Group with Destructive Intent
Microsoft on Wednesday took the lid off a "novel and distinct Russian threat actor," which it said is linked to...
Where from, Where to — The Evolution of Network Security
For the better part of the 90s and early aughts, the sysadmin handbook said, "Filter your incoming traffic, not everyone...
LockBit Ransomware Extorts $91 Million from U.S. Companies
The threat actors behind the LockBit ransomware-as-a-service (RaaS) scheme have extorted $91 million following hundreds of attacks against numerous U.S....
Compliance Automation: Your Audit Experience Before and After
Richard Stevenson, Manager of Cybersecurity Risk Management and Compliance at Drata Automation transforms the audit experience. What was once a...
CISA: LockBit ransomware extorted $91 million in 1,700 U.S. attacks
U.S. and international cybersecurity authorities said in a joint LockBit ransomware advisory that the gang successfully extorted roughly $91 million...
Fake zero-day PoC exploits on GitHub push Windows, Linux malware
Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows...
WannaCry ransomware impersonator targets Russian “Enlisted” FPS players
A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions...
Chinese hackers use DNS-over-HTTPS for Linux malware communication
The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers'...
