New proxyjacking attacks monetize hacked SSH servers’ bandwidth
Attackers behind an ongoing series of proxyjacking attacks are hacking into vulnerable SSH servers exposed online to monetize them through...
cybersecurity
Free Akira ransomware decryptor helps recover your files
Cybersecurity firm Avast has released a free decryptor for the Akira ransomware that can help victims recover their data without...
CISA issues DDoS warning after attacks hit multiple US orgs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of ongoing distributed denial-of-service (DDoS) attacks after U.S. organizations across...
Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs
Hackers exploit a zero-day privilege escalation vulnerability in the 'Ultimate Member' WordPress plugin to compromise websites by bypassing security measures...
MITRE releases new list of top 25 most dangerous software bugs
MITRE shared today this year's list of the top 25 most dangerous weaknesses plaguing software during the previous two years....
New EarlyRAT malware linked to North Korean Andariel hacking group
Security analysts have discovered a previously undocumented remote access trojan (RAT) named 'EarlyRAT,' used by Andariel, a sub-group of the...
Proton launches open-source password manager with some limitations
Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser...
Pro-Russia DDoSia hacktivist project sees 2,400% membership increase
The pro-Russia crowdsourced DDoS (distributed denial of service) project, 'DDoSia,' has seen a massive 2,400% growth in less than a...
Criminal IP Unveils Bug Bounty Program to Boost User Safety, Security
Criminal IP, an OSINT-based CTI search engine provided by AI SPERA, has recently announced the introduction of a bug bounty...
New Mockingjay process injection technique evades EDR detection
A new process injection technique named 'Mockingjay' could allow threat actors to bypass EDR (Endpoint Detection and Response) and other...
Just released: Session tracks for Mandiant’s 2023 mWISE event
Mark your calendar for mWISE™, the uniquely targeted, community-focused cybersecurity conference from Mandiant. It runs from September 18 – 20,...
8Base ransomware gang escalates double extortion attacks in June
A 8Base ransomware gang is targeting organizations worldwide in double-extortion attacks, with a steady stream of new victims since the...
Hundreds of devices found violating new CISA federal agency directive
Censys researchers have discovered hundreds of Internet-exposed devices on the networks of U.S. federal agencies that have to be secured...
EncroChat takedown led to 6,500 arrests and $979 million seized
Europol announced today that the takedown of the EncroChat encrypted mobile communications platform has led to the arrest of over...
Siemens Energy confirms data breach after MOVEit data-theft attack
Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in...
NPM ecosystem at risk from “Manifest Confusion” attacks
The NPM (Node Package Manager) registry suffers from a security lapse called "manifest confusion," which undermines the trustworthiness of packages...
Exploit released for new Arcserve UDP auth bypass vulnerability
Data protection vendor Arcserve has addressed a high-severity security flaw in its Unified Data Protection (UDP) backup software that can...
Brave Browser boosts privacy with new local resources restrictions
The Brave team has announced that the privacy-centric browser will soon introduce new restriction controls allowing users to specify how...
Linux version of Akira ransomware targets VMware ESXi servers
The Akira ransomware operation uses a Linux encryptor to encrypt VMware ESXi virtual machines in double-extortion attacks against companies worldwide....
The Current State of Business Email Compromise Attacks
Business Email Compromise (BEC) poses a growing threat to businesses of all sizes. As BEC attacks have almost doubled across...
Suncor Energy cyberattack impacts Petro-Canada gas stations
Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points...
Man charged in US for running ‘Monopoly’ darknet drug market
A 33-year-old man from Serbia has been extradited from Austria to the United States to face charges of running a...
Anatsa Android trojan now steals banking info from users in US, UK
A new mobile malware campaign since March 2023 pushes the Android banking trojan 'Anatsa' to online banking customers in the...
Hackers steal data of 45,000 New York City students in MOVEit breach
The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up...
