#BHUSA: New Ransomware Groups Emerge Despite Crackdowns
New ransomware groups are emerging as financial gain continues to outweigh the risks for cybercriminals, a new report by Rapid7...
News
#BHUSA: CrowdStrike Outage Serves as Dress Rehearsal for China-Led Cyber-Attacks
The recent CrowdStrike IT outage served as a dress rehearsal for a potential cyber-attack on critical infrastructure that could potentially...
Ireland’s DPC Takes Twitter to Court Over AI User Data Concerns
The Data Protection Commission (DPC), Ireland’s data protection regulator, has launched High Court proceedings against Twitter International Unlimited Company, X...
Microsoft 365 Phishing Alert Can Be Hidden with CSS
Recent research by cybersecurity experts has uncovered a vulnerability in Microsoft 365's anti-phishing mechanisms, which can be exploited using CSS....
New Linux Kernel Exploit Technique ‘SLUBStick’ Discovered by Researchers
Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate...
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
Cybersecurity researchers have disclosed details of security flaws in the Roundcube webmail software that could be exploited to execute malicious...
New Go-based Backdoor GoGra Targets South Asian Media Organization
An unnamed media organization in South Asia was targeted in November 20233 using a previously undocumented Go-based backdoor called GoGra....
CrowdStrike Reveals Root Cause of Global System Outages
Cybersecurity company CrowdStrike has published its root cause analysis detailing the Falcon Sensor software update crash that crippled millions of...
Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan...
Apple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
Apple on Tuesday announced an update to its next-generation macOS version that makes it a little more difficult for users...
Police Recover Over $40m Headed to BEC Scammers
A Singaporean commodity firm has had a narrow escape after police managed to intervene to recover nearly all of the $42.3m...
French Museums Hit By Ransomware Attack
IT systems used by about 40 French museums, including the Grand Palais, have been targeted by a ransomware attack.The French...
#BHUSA: 17.8m Phishing Emails Detected in First Half of 2024
Darktrace researchers have reported that 17.8 million phishing emails were detected between December 2023 and July 2024.The new report, published...
CVEs Surge 30% in 2024, Only 0.91% Weaponized
In the first half of 2024, the number of reported Common Vulnerabilities and Exposures (CVEs) has increased by 30% compared...
Mobile Guardian Hack Leads to 13,000 Student Devices Wiped in Singapore
Singapore’s Ministry of Education has found that 13,000 students in the country had their data remotely wiped following a cyber-attack...
#BHUSA: Ransom Payments Surge, Organizations Pay Average of $2.5m
Most organizations pay ransoms when they find themselves victim of a ransomware attack, a new survey by Extrahop has highlighted....
INTERPOL Recovers $41 Million in Largest Ever BEC Scam in Singapore
INTERPOL said it devised a "global stop-payment mechanism" that helped facilitate the largest-ever recovery of funds defrauded in a business...
Suspicious Minds: Insider Threats in The SaaS World
Everyone loves the double-agent plot twist in a spy movie, but it's a different story when it comes to securing...
North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry
The North Korea-linked threat actor known as Moonstone Sleet has continued to push malicious npm packages to the JavaScript package...
New Android Spyware LianSpy Evades Detection Using Yandex Cloud
Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021....
Google Patches New Android Kernel Vulnerability Exploited in the Wild
Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild....
New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution
A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP)...
F5 BIG-IP Security Restriction Bypass Vulnerability
A vulnerability was identified in F5 BIG-IP, a remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system. Note:No patch...
Microsoft Monthly Security Update (May 2018)
Updated Risk Level, Description, Source and Related Links.CVE-2018-0824 vulnerability is exploited in the wild. Microsoft COM for Windows contains a...