Stealthier version of Linux BPFDoor malware spotted in the wild
A new, stealthier variant of the Linux malware 'BPFDoor' has been discovered, featuring more robust encryption and reverse shell communications....
News
WordPress Elementor plugin bug let attackers hijack accounts on 1M sites
One of WordPress's most popular Elementor plugins, "Essential Addons for Elementor," was found to be vulnerable to an unauthenticated privilege...
Brightly warns of SchoolDude data breach exposing credentials
U.S. tech company and Siemens subsidiary Brightly Software is notifying customers that their personal information and credentials were stolen by...
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware...
Multinational tech firm ABB hit by Black Basta ransomware attack
Swiss multinational company ABB, a leading electrification and automation technology provider, has suffered a Black Basta ransomware attack, reportedly impacting...
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe
A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since...
Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called...
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
Multiple threat actors have capitalized on the leak of Babuk (aka Babak or Babyk) ransomware code in September 2021 to...
How Attack Surface Management Supports Continuous Threat Exposure Management
According to Forrester, External Attack Surface Management (EASM) emerged as a market category in 2021 and gained popularity in 2022....
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months...
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin...
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from...
Why more transparency around cyber attacks is a good thing for everyone
Why more transparency around cyber attacks is a good thing for everyone At the NCSC and ICO, we deal with...
Top 5 Password Cracking Techniques Used by Hackers
One of the biggest security threats is password cracking. Are you an IT system administrator concerned about the security of...
New ‘Greatness’ service simplifies Microsoft 365 phishing attacks
The Phishing-as-a-Service (PhaaS) platform named 'Greatness' has seen a spike in activity as it targets organizations using Microsoft 365 in...
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach
Joseph James O'Connor, aka 'PlugwalkJoke,' has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and...
Fake in-browser Windows updates push Aurora info-stealer malware
A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware....
Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
Industrial cybersecurity company Dragos today disclosed what it describes as a "cybersecurity event" after a known cybercrime gang attempted to...
North Korean hackers breached major hospital in Seoul to steal data
The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country's...
New ransomware decryptor recovers data from partially encrypted files
A new 'White Phoenix' ransomware decryptor allows victims to partially recover files encrypted by ransomware strains that use intermittent encryption....
RapperBot DDoS malware adds cryptojacking as new revenue stream
New samples of the RapperBot botnet malware have added cryptojacking capabilites to mine for cryptocurrency on compromised Intel x64 machines....
US-CERT Vulnerability Summary for the Week of May 1, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Google Announces New Privacy, Safety, and Security Features Across Its Services
Google unveiled a slew of new privacy, safety, and security features today at its annual developer conference, Google I/O. The...
