$30 Million worth of cryptocurrency stolen by Lazarus from Axie Infinity was recovered
US authorities recovered more than $30 million worth of cryptocurrency stolen by the North Korea-linked Lazarus APT from Axie Infinity....
News
Experts warn of attacks exploiting zero-day in WordPress BackupBuddy plugin
Threat actors are exploiting a zero-day vulnerability in a WordPress plugin called BackupBuddy, Wordfence researchers warned. On September 6, 2022, the...
Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices
Iran-linked APT group DEV-0270 (aka Nemesis Kitten) is abusing the BitLocker Windows feature to encrypt victims’ devices. Microsoft Security Threat...
Threat landscape for industrial automation systems for H1 2022
H1 2022 in numbers Geography In H1 2022, malicious objects were blocked at least once on 31.8% of ICS computers...
CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog
CISA added 12 more security flaws to its Known Exploited Vulnerabilities Catalog including four D-Link vulnerabilities. The U.S. Cybersecurity and Infrastructure...
CIEM vs CWPP vs CSPM
This article will explore three solutions, CIEM, CWPP, and CSPM, detail a sample case for each, and help you to...
Biden Cybersecurity Executive Order: Ex-USSS Reflects
Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, reflects on the...
How Malicious Actors Abuse Native Linux Tools in Attacks
Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to...
US-CERT Bulletin (SB22-249):Vulnerability Summary for the Week of August 29, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Classified NATO documents sold on darkweb after they were stolen from Portugal
Threat actors claimed to have stolen classified NATO documents from the Armed Forces General Staff agency of Portugal (EMGFA). After...
NCSC CEO appears at major US cyber security summit
N National Cyber Security Centre CEO Lindy Cameron discussed cyber security from a UK perspective during two appearances at a...
North Korea-linked Lazarus APT targets energy providers around the world
North Korea-linked Lazarus APT group is targeting energy providers around the world, including organizations in the US, Canada, and Japan. Talos researchers...
Cisco will not fix the authentication bypass flaw in EoL routers
Cisco fixed new security flaws affecting its products, including a recently disclosed high-severity issue in NVIDIA Data Plane Development Kit. The most...
Ex-members of the Conti ransomware gang target Ukraine
Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022....
Albania interrupted diplomatic ties with Iran over the mid-July attack
Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the mid-July attack. Albanian Prime Minister Edi...
Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques
We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns....
Experts spotted a new stealthy Linux malware dubbed Shikitega
A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs...
Challenges of User Authentication: What You Need to Know
In the digital age, authentication is paramount to a strong security strategy. Which are the challenges of user authentication? In...
Zyxel addressed a critical RCE flaw in its NAS devices
Networking equipment vendor Zyxel addressed a critical vulnerability impacting its network-attached storage (NAS) devices. Zyxel addressed a critical vulnerability, tracked...
Moobot botnet is back and targets vulnerable D-Link routers
The Moobot botnet is behind a new wave of attacks that started in early August and that target vulnerable D-Link...
Good game, well played: an overview of gaming-related cyberthreats in 2022
The gaming industry went into full gear during the pandemic, as many people took up online gaming as their new...
3 Hybrid Cloud Security Challenges & Solutions
Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk. If you like the site, please consider...
Play Ransomware’s Attack Playbook Unmasks it as Another Hive Affiliate like Nokoyawa
Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them...
Play Ransomware’s Attack Playbook Similar to that of Hive, Nokoyawa
Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them...
