New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS...
News
Emotet malware now distributed in Microsoft OneNote files to evade defenses
The Emotet malware is now distributed using Microsoft OneNote email attachments, aiming to bypass Microsoft security restrictions and infect more...
Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack
The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a...
LockBit 3.0 Ransomware: Inside the Cyberthreat That’s Costing Millions
U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise (IoCs) and tactics, techniques, and procedures...
Pompompurin Unmasked: Infamous BreachForums Mastermind Arrested in New York
U.S. law enforcement authorities have arrested a New York man in connection with running the infamous BreachForums hacking forum under...
Alleged BreachForums owner ‘Pompompurin’ arrested on cybercrime charges
U.S. law enforcement arrested on Wednesday a New York man believed to be Pompompurin, the owner of the BreachForums hacking...
The Week in Ransomware – March 17th 2023 – Shifting to data extortion
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting...
NBA alerts fans of a data breach exposing personal information
The NBA (National Basketball Association) is notifying fans of a data breach after some of their personal information, "held" by...
RAT developer arrested for infecting 10,000 PCs with malware
Ukraine's cyberpolice has arrested the developer of a remote access trojan (RAT) malware that infected over 10,000 computers while posing...
Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day...
FakeCalls Vishing Malware Targets South Korean Users via Popular Financial Apps
An Android voice phishing (aka vishing) malware campaign known as FakeCalls has reared its head once again to target South...
Lookalike Telegram and WhatsApp Websites Distributing Cryptocurrency Stealing Malware
Copycat websites for instant messaging apps like Telegram and WhatApp are being used to distribute trojanized versions and infect Android...
A New Security Category Addresses Web-borne Threats
In the modern corporate IT environment, which relies on cloud connectivity, global connections and large volumes of data, the browser...
THN Webinar: 3 Research-Backed Ways to Secure Your Identity Perimeter
Think of the typical portrayal of a cyberattack. Bad guy pounding furiously on a keyboard, his eyes peeking out from...
New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks
A new Golang-based botnet dubbed HinataBot has been observed to leverage known flaws to compromise routers and servers and use...
Hacker selling data allegedly stolen in US Marshals Service hack
A threat actor is selling on a Russian-speaking hacking forum what they claim to be hundreds of gigabytes of data...
Critical Microsoft Outlook bug PoC shows how easy it is to exploit
Security researchers have shared technical details for exploiting a critical Microsoft Outlook vulnerability for Windows (CVE-2023-23397) that allows hackers to remotely...
US federal agency hacked using old Telerik bug to steal data
Last year, a U.S. federal agency's Microsoft Internet Information Services (IIS) web server was hacked by exploiting a critical .NET...
FBI: Ransomware hit 860 critical infrastructure orgs in 2022
The Federal Bureau of Investigation (FBI) revealed in its 2022 Internet Crime Report that ransomware gangs breached the networks of...
LockBit ransomware claims Essendant attack, company says “network outage”
LockBit ransomware has claimed a cyber attack on Essendant, a wholesale distributer of office products after a "significant" and ongoing...
Winter Vivern APT hackers use fake antivirus scans to install malware
An advanced hacking group named 'Winter Vivern' targets European government organizations and telecommunication service providers to conduct espionage. The group's...
NordVPN open sources its Linux VPN client and libraries
Nord Security (Nord) has released the source code of its Linux NordVPN client and associated networking libraries in the hopes...
CISA warns of Adobe ColdFusion bug exploited as a zero-day
CISA has added a critical vulnerability impacting Adobe ColdFusion versions 2021 and 2018 to its catalog of security bugs exploited...
NordVPN open sources its Linux VPN client and libraries
Nord Security (Nord) has released the source code of its Linux NordVPN client and associated networking libraries in the hopes...
