Critical Ruckus RCE flaw exploited by new DDoS botnet malware
A new malware botnet named 'AndoryuBot' is targeting a critical-severity flaw in the Ruckus Wireless Admin panel to infect unpatched...
News
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services
U.S. authorities have announced the seizure of 13 internet domains that offered DDoS-for-hire services to other criminal actors. The takedown...
Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps
A gambling company in the Philippines was the target of a China-aligned threat actor as part of a campaign that...
Product Security: Harnessing the Collective Experience and Collaborative Tools in DevSecOps
In the fast-paced cybersecurity landscape, product security takes center stage. DevSecOps swoops in, seamlessly merging security practices into DevOps, empowering...
Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability
Iranian nation-state groups have now joined financially motivated actors in actively exploiting a critical flaw in PaperCut print management software,...
Researchers Uncover SideWinder’s Latest Server-Based Polymorphism Technique
The advanced persistent threat (APT) actor known as SideWinder has been accused of deploying a backdoor in attacks directed against...
New Ransomware Strain ‘CACTUS’ Exploits VPN Flaws to Infiltrate Networks
Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws...
QR codes used in fake parking tickets, surveys to steal your money
As QR codes continue to be heavily used by legitimate organizations—from Super Bowl advertisements to enforcing parking fees and fines,...
Detecting data theft with Wazuh, the open-source XDR
Data theft is the act of stealing data stored in business databases, endpoints, and servers. The stolen data can include...
Intel investigating leak of Intel Boot Guard private keys after MSI breach
Intel is investigating the leak of alleged private keys used by the Intel Boot Guard security feature, potentially impacting its...
FBI seizes 13 more domains linked to DDoS-for-hire services
cyberstress.org seizure banner (DOJ) The U.S. Justice Department announced today the seizure of 13 more domains linked to DDoS-for-hire platforms,...
Microsoft: Iranian hacking groups join Papercut attack spree
Microsoft says Iranian state-backed hackers have joined the ongoing assault targeting vulnerable PaperCut MF/NG print management servers. These groups are tracked...
US-CERT Vulnerability Summary for the Week of April 24, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Join Our Webinar: Learn How to Defeat Ransomware with Identity-Focused Protection
Are you concerned about ransomware attacks? You're not alone. In recent years, these attacks have become increasingly common and can...
SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations
The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization...
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company's private code...
Western Digital Confirms Customer Data Stolen by Hackers in March Breach
Digital storage giant Western Digital confirmed that an "unauthorized third party" gained access to its systems and stole personal information...
How to Set Up a Threat Hunting and Threat Intelligence Program
Threat hunting is an essential component of your cybersecurity strategy. Whether you're getting started or in an advanced state, this...
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a...
New Cactus ransomware encrypts itself to evade antivirus
A new ransomware operation called Cactus has been exploiting vulnerabilities in VPN appliances for initial access to networks of “large...
New CS:GO map bypasses Russia’s censorship of Ukraine war news
Finish newspaper Helsinin Sanomat has created a custom Counter-Strike: Global Offensive (CS:GO) map explicitly made to bypass Russian news censorship...
Western Digital says hackers stole customer data in March cyberattack
Western Digital has taken its store offline and sent customers data breach notifications after confirming that hackers stole sensitive personal...
Meet Akira — A new ransomware operation targeting the enterprise
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt...
