Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited...
News
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email...
‘Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service...
How Searchable Encryption Changes the Data Security Game
Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must...
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as...
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with...
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known...
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
A hacktivist group has claimed to have leaked CrowdStrike’s entire internal threat actor list, including indicators of compromise (IoC).CrowdStrike acknowledged...
Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain
Pathology services provider Synnovis has rebuilt “substantial parts” of its systems since the ransomware attack on June 3, 2024, restoring...
Despite Bans, AI Code Tools Widespread in Organizations
Organizations are concerned about security threats stemming from developers using AI, according to a new Checkmarx report.The cloud-native application security...
This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS)...
Offensive AI: The Sine Qua Non of Cybersecurity
"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that...
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on Hospitals
The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly...
Onyx Sleet uses array of malware to gather intelligence for North Korea
On July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat...
Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw...
Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining
Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining....
CrowdStrike Warns of New Phishing Scam Targeting German Customers
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious...
Malware Attacks Surge 30% in First Half of 2024
Malware-based threats surged in the first half of 2024, up by 30% compared to the same period in 2023, according...
Most IT Leaders Say Severity of Cyber-Attacks has Increased
Nine in 10 of IT leaders have said that the risk and severity of cyber-attacks has increased over the past...
6 Types of Applications Security Testing You Must Know About
While the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy...
North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the...
Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to...
Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform
Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit...
Webinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser Security
The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least...
