Millions of Spoofed Emails Bypass Proofpoint Security in Phishing Campaign
Millions of perfectly spoofed emails have been sent daily as hackers took advantage of a flaw in Proofpoint’s email protection...
News
Sophisticated Phishing Campaign Targets Microsoft OneDrive Users
Security researchers have uncovered a sophisticated phishing campaign targeting Microsoft OneDrive users. The campaign employs advanced social engineering tactics to...
ICO Slams Electoral Commission for Basic Security Failings
Basic security failings allowed hackers to access the personal details of 40 million British voters held by the UK’s Electoral...
The Power and Peril of RMM Tools
As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and...
Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware
Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led...
New Mandrake Spyware Found in Google Play Store Apps After Two Years
A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for...
New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries
The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime...
Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each...
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated...
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a...
US Crypto Exchange Gemini Reveals Breach
A US-headquartered cryptocurrency exchange has revealed a supply chain breach which led to the compromise of personal and banking information...
Mandrake Spyware Infects 32,000 Devices Via Google Play Apps
Security researchers have shed light on a new iteration of Mandrake, a sophisticated Android cyber-espionage malware tool. Initially analyzed by...
Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware
An unknown PowerShell backdoor has been discovered alongside a new variant of the Zloader/SilentNight malware, Walmart’s Cyber Intelligence Team has...
Less Than Half of European Firms Have AI Controls in Place
European businesses have been urged to carefully assess what privacy, security and acceptable usage controls they need to place on...
Hotjar, Business Insider Vulnerabilities Expose OAuth Data Risks
Security researchers have unveiled critical vulnerabilities within web analytics provider Hotjar and global news outlet Business Insider. The findings, from Salt...
US-CERT Vulnerability Summary for the Week of July 22, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited...
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email...
‘Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread
A threat actor known as Stargazer Goblin has set up a network of inauthentic GitHub accounts to fuel a Distribution-as-a-Service...
How Searchable Encryption Changes the Data Security Game
Searchable Encryption has long been a mystery. An oxymoron. An unattainable dream of cybersecurity professionals everywhere. Organizations know they must...
Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site
The remote access trojan known as Gh0st RAT has been observed being delivered by an "evasive dropper" called Gh0stGambit as...
French Authorities Launch Operation to Remove PlugX Malware from Infected Systems
French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known...
Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with...
Hacktivists Claim Leak of CrowdStrike Threat Intelligence
A hacktivist group has claimed to have leaked CrowdStrike’s entire internal threat actor list, including indicators of compromise (IoC).CrowdStrike acknowledged...
