Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called...
News
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to...
How Attack Surface Management Supports Continuous Threat Exposure Management
According to Forrester, External Attack Surface Management (EASM) emerged as a market category in 2021 and gained popularity in 2022....
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months...
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin...
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from...
Why more transparency around cyber attacks is a good thing for everyone
Why more transparency around cyber attacks is a good thing for everyone At the NCSC and ICO, we deal with...
Top 5 Password Cracking Techniques Used by Hackers
One of the biggest security threats is password cracking. Are you an IT system administrator concerned about the security of...
New ‘Greatness’ service simplifies Microsoft 365 phishing attacks
The Phishing-as-a-Service (PhaaS) platform named 'Greatness' has seen a spike in activity as it targets organizations using Microsoft 365 in...
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach
Joseph James O'Connor, aka 'PlugwalkJoke,' has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and...
Fake in-browser Windows updates push Aurora info-stealer malware
A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware....
Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
Industrial cybersecurity company Dragos today disclosed what it describes as a "cybersecurity event" after a known cybercrime gang attempted to...
North Korean hackers breached major hospital in Seoul to steal data
The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country's...
New ransomware decryptor recovers data from partially encrypted files
A new 'White Phoenix' ransomware decryptor allows victims to partially recover files encrypted by ransomware strains that use intermittent encryption....
RapperBot DDoS malware adds cryptojacking as new revenue stream
New samples of the RapperBot botnet malware have added cryptojacking capabilites to mine for cryptocurrency on compromised Intel x64 machines....
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Google Announces New Privacy, Safety, and Security Features Across Its Services
Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The...
Sophisticated DownEx Malware Campaign Targeting Central Asian Governments
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of...
Why Honeytokens Are the Future of Intrusion Detection
A few weeks ago, the 32nd edition of RSA, one of the world's largest cybersecurity conferences, wrapped up in San...
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass...
Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison
A U.K. national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding...
U.S. Government Neutralizes Russia’s Most Sophisticated Snake Cyber Espionage Tool
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known...
Microsoft’s May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug
Microsoft has rolled out Patch Tuesday updates for May 2023 to address 38 security flaws, including one zero-day bug that...
Criminal IP FDS: A WordPress Plugin to Block Brute Force Attacks
As cybersecurity threats continue to evolve, brute-force attacks have become a growing concern. To address this issue, AI Spera released...
