Smash-and-Grab Extortion
The Problem The "2024 Attack Intelligence Report" from the staff at Rapid7 is a well-researched, well-written report that is worthy...
News
Google Adds Passkeys to Advanced Protection Program for High-Risk Users
Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP)....
True Protection or False Promise? The Ultimate ITDR Shortlisting Guide
It's the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that...
HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia,...
July 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.The vulnerabilities that have been classified as...
Critical Vulnerability in Apache HTTP Server
Apache Software Foundation has released security updates to address a critical vulnerability (CVE-2024-39884) in their Apache HTTP Server. The vulnerability...
Crypto Analysts Expose HuiOne Guarantee’s $11 Billion Cybercrime Transactions
Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia,...
ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks
The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the...
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution...
Microsoft Monthly Security Update (July 2024)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesMicrosoft Dynamics Medium RiskInformation Disclosure Windows High RiskElevation of Privilege Security...
Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak
A threat actor continued their extortion campaign against Ticketmaster on Monday by claiming to leak over 30,000 print-at-home tickets stolen...
Avast Provides DoNex Ransomware Decryptor to Victims
Law enforcement organizations have been sharing decryptor keys with victims of the DoNex ransomware since March 2024, according to antivirus...
Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection
A majority of global manufacturers are inviting unnecessary extra cyber risk by failing to properly implement the DMARC email security...
Eldorado Ransomware Strikes Windows and Linux Networks
Security researchers have uncovered significant insights into the latest iteration of Ransomware-as-a-Service (RaaS) known as Eldorado. The sophisticated malware, designed to...
Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers
Evolve Bank & Trust, a prominent US banking-as-a-service company, has recently confirmed that a cyber-attack earlier in 2024 compromised the...
RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by...
Critical Vulnerabilities in Gogs Open-Source Git Service
Security researchers have disclosed multiple vulnerabilities (CVE-2024-39930,CVE-2024-39931, CVE-2024-39932) affecting Gogs open-source Git service. The vulnerabilities have a Common Vulnerability Scoring...
Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks
Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal...
GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel
Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool...
HUMINT: Diving Deep into the Dark Web
Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web...
Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories
Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to...
Cybersecurity Agencies Warn of China-linked APT40’s Rapid Exploit Adaptation
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint...
F5 Products Denial of Service Vulnerability
A vulnerability was identified in F5 Products. A remote attacker could exploit this vulnerability to trigger denial of service condition on the targeted...
Crypto Thefts Double to $1.4 Billion, TRM Labs Finds
Hacks and exploits on cryptocurrency exchanges are soaring, with twice as much money being stolen in the first half of...
