Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover
A financially motivated cyber actor has been observed abusing Microsoft Azure Serial Console on virtual machines (VMs) to install third-party...
News
Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs
The second generation version of Belkin's Wemo Mini Smart Plug has been found to contain a buffer overflow vulnerability that...
State-Sponsored Sidewinder Hacker Group’s Covert Attack Infrastructure Uncovered
Cybersecurity researchers have unearthed previously undocumented attack infrastructure used by the prolific state-sponsored group SideWinder to strike entities located in...
U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator
A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against...
Parental control app with 5 million downloads vulnerable to attacks
Image: Gaelle Marcel Kiddowares 'Parental Control – Kids Place' app for Android is impacted by multiple vulnerabilities that could enable attackers...
Open-source Cobalt Strike port ‘Geacon’ used in macOS attacks
Geacon, a Go-based implementation of the beacon from the widely abused penetration testing suite Cobalt Strike, is being used more and more...
Ransomware Prevention – Are Meeting Password Security Requirements Enough
As ransomware attacks continue to wreak havoc on organizations worldwide, many official standards and regulations have been established to address...
Russian ransomware affiliate charged with attacks on critical infrastructure
The U.S. Justice Department has filed charges against a Russian citizen named Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x,...
Hackers infect TP-Link router firmware to attack EU entities
A Chinese state-sponsored hacking group named "Camaro Dragon" infects residential TP-Link routers with a custom "Horse Shell" malware used to...
Hackers use Azure Serial Console for stealthy access to VMs
A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure...
New ZIP domains spark debate among cybersecurity experts
Cybersecurity researchers and IT admins have raised concerns over Google's new ZIP and MOV Internet domains, warning that threat actors...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
China’s Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks...
Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
Ransomware affiliates associated with the Qilin ransomware-as-a-service (RaaS) scheme earn anywhere between 80% to 85% of each ransom payment, according...
Cyolo Product Overview: Secure Remote Access to All Environments
Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations' essential systems and resources. Cybercriminals no longer...
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed...
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target...
i100 industry team and NCSC collaborate on refreshed guidance for boards
i100 industry team and NCSC collaborate on refreshed guidance for boards Originally published in 2019, the https://www.ncsc.gov.uk/collection/board-toolkit" target="_self">NCSC’s cyber security...
New RA Group ransomware targets U.S. orgs in double-extortion attacks
A new ransomware group named 'RA Group' is targeting pharmaceutical, insurance, wealth management, and manufacturing firms in the United States...
Stealthy MerDoor malware uncovered after five years of attacks
A new APT hacking group dubbed Lancefly uses a custom 'Merdoor' backdoor malware to target government, aviation, and telecommunication organizations...
Airline exposes passenger info to others due to a ‘technical error’
airBaltic, Latvia's flag carrier has acknowledged that a 'technical error' exposed reservation details of some of its passengers to other airBaltic...
The new info-stealing malware operations to watch out for
The information-stealing malware market is constantly evolving, with multiple malware operations competing for cybercriminal customers by promoting better evasion and...
Philadelphia Inquirer operations disrupted after cyberattack
The Philadelphia Inquirer daily newspaper is working on restoring systems impacted by what was described as a cyberattack that hit...
WhatsApp now lets you lock chats with a password or fingerprint
Meta is now rolling out 'Chat Lock,' a new WhatsApp privacy feature allowing users to block others from accessing their...
