ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed....
News
U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive...
Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign
A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across...
Military-themed Email Scam Spreads Malware to Infect Pakistani Users
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using...
Oyster Backdoor Spreading via Trojanized Popular Software Downloads
A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a...
SolarWinds Serv-U Vulnerability Under Active Attack – Patch Immediately
A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the...
How to Use Tines’s SOC Automation Capability Matrix
Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC...
Why SaaS Security is Suddenly Hot: Racing to Defend and Comply
Recent supply chain cyber-attacks are prompting cyber security regulations in the financial sector to tighten compliance requirements, and other industries...
U.S. Bans Kaspersky Software, Citing National Security Risks
The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban...
Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs
Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of...
French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks
State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's...
Chinese Cyber Espionage Targets Telecom Operators in Asia Since 2021
Cyber espionage groups associated with China have been linked to a long-running campaign that has infiltrated several telecom operators located...
New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration
A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the...
Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024
Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing...
Critical Vulnerabilities in ASUS’ Router Products
ASUS has released security updates to address two critical vulnerabilities (CVE-2024-3080 and CVE-2024-3912) in their router products. The vulnerabilities have...
Experts Uncover New Evasive SquidLoader Malware Targeting Chinese Organizations
Cybersecurity researchers have uncovered a new evasive malware loader named SquidLoader that spreads via phishing campaigns targeting Chinese organizations. AT&T...
Cybersecurity Burnout Costing Firms $700m+ Annually
British and US enterprises may be throwing away as much as $756m each year through lost productivity due to burned-out...
G7 to Develop Cybersecurity Framework for Energy Sector
The G7 nations will develop a collective cybersecurity framework for operational technologies in energy systems, aimed at both manufacturers and...
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw
Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal...
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has...
Critical Vulnerabilities in VMware vCenter Server
VMware has released security updates addressing critical vulnerabilities (CVE-2024-37079 and CVE-2024-37080) affecting their vCenter Server products. The vulnerabilities have a...
New Threat Actor ‘Void Arachne’ Targets Chinese Users with Malicious VPN Installers
Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI)...
Warning: Markopolo’s Scam Targeting Crypto Users via Fake Meeting Software
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital...
New Case Study: Unmanaged GTM Tags Become a Security Nightmare
Are your tags really safe with Google Tag Manager? If you've been thinking that using GTM means that your tracking...
