Ransomware strikes businesses every 11 seconds. The ransomware attack volume is already at record levels, but we’re hearing it’s only gettin...
Read More
Weekly Update 328
Presently sponsored by: 1Password, a secure password manager, is building the passwordless experience you deserve. See how passkeys work We ...
Read More
Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers
A security researcher was awarded a bug bounty of $107,500 for identifying security issues in Google Home smart speakers that could be explo...
Read More
New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software
Users searching for popular software are being targeted by a new malvertising campaign that abuses Google Ads to serve trojanized variants t...
Read More
BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies
Decentralized multi-chain crypto wallet BitKeep on Wednesday confirmed a cyberattack that allowed threat actors to distribute fraudulent ver...
Read More
Vice Ransomware Group Uses Custom Ransomware with New Encryption Algorithms
Cybersecurity analysts at SentinelOne security firm have recently identified that the Vice Society ransomware gang has switched to custom ra...
Read More
PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware
The pay-per-install (PPI) malware downloader service known as PrivateLoader is being used to distribute a previously documented information-...
Read More
Why Can’t Company Giants Escape Cybersecurity Breaches?
Security breaches have constantly been on a rise in recent times. Just last month, in the course of a week, Uber took its internal communica...
Read More
Godfather Android Malware Stealing Login Credentials of Over 400 Bank Users
In recent years, Android users have been experiencing a rise in the incidence of the GodFather banking trojan, mainly targeting European use...
Read More
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advert...
Read More
New Zerobot Malware Exploiting Apache Vulnerabilities to Launch DDoS Attack
As a result of the exploitation of security vulnerabilities found on unpatched Apache servers that are exposed to the Internet, the Zerobot ...
Read More
Raspberry Robin Malware Attacks Against Telecom and Government Sectors
Trend Micro researchers noticed Raspberry Robin in recent attacks on telecommunications service providers and government networks. The Raspb...
Read More
Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations
Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rule...
Read More
KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service
An ongoing analysis of the KmsdBot botnet has raised the possibility that it's a DDoS-for-hire service offered to other threat actors. T...
Read More
Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India
Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 l...
Read More
New DDoS Botnet Malware Infecting Windows, Linux, and IoT Devices
A cross-platform botnet, ‘MCCrash’ that starts out from malicious software downloads on Windows devices and spreads to a range of Linux-base...
Read More
What happens once scammers receive funds from their victims
In this Help Net Security video, Ronnie Tokazowski, Principal Threat Advisor at Cofense, offers insight into the world’s most lucrative cybe...
Read More
Top 12 Best Open Source Intelligence Tools (OSINT Tools) for Penetration Testing 2023
We all know very well that getting or gathering any information by using various tools becomes really easy. In this article, we have discuss...
Read More
Google Takes Gmail Security to the Next Level with Client-Side Encryption
Google on Friday announced that its client-side encryption for Gmail is in beta to its Workspace and education customers to secure emails se...
Read More
Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm
The U.S. National Institute of Standards and Technology (NIST), an agency within the Department of Commerce, announced Thursday that it'...
Read More
FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms
The U.S. Department of Justice (DoJ) on Wednesday announced the seizure of 48 domains that offered services to conduct distributed denial-of...
Read More
Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware
Cybersecurity researchers have published the inner workings of a new wiper called Azov Ransomware that's deliberately designed to corrup...
Read More
Key Cybersecurity Takeaways from 2022
2022 was a noteworthy year in cybersecurity. We saw a steady rise in cybercrime, continuing the trend from previous years. But we also saw a...
Read More
Uber Hacked Again? – Data from Uber and Uber Eats Published on Hacking Forums
Uber has been the subject of a new cyberattack. Early on Saturday morning, a threat actor going by the name of “UberLeaks” began publishing ...
Read More
Japan, Australia, to bolster cyber-defenses, maybe offensive capacity too
FTX Japan payment promise evaporates; VR/AR to boom across APAC; Google wins privacy case Asia In Brief Australia’s home affairs and cybers...
Read More
Red Team and Blue Team Operations : How Does it Works?
Security is a multifaceted field with multiple roles for carrying out diverse operations. In this article, we demystify the concept of the r...
Read More
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financia...
Read More
New MuddyWater Campaign Uses Legitimate Remote Administration Tools to Deploy Malware
Deep Instinct identified a new MuddyWater threat campaign active since at least 2017, and frequently conducts campaigns against high-value t...
Read More
New Dark Web Website Allows Hackers to Embed Malware to Legitimate Android Apps
ThreatFabric’s researchers found ‘Zombinder’, a third-party darknet service that was used to bind malware payloads to legitimate Android app...
Read More
Kali Linux 2022.4 Released With New Hacking Tools & Azure Images
The most recent Kali Linux release for 2022, Kali Linux 2022.4, from Offensive Security includes updated desktop experiences, new Azure and ...
Read More
Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks
Cryptocurrency investment companies are the target of a developing threat cluster that uses Telegram groups to seek out potential victims. M...
Read More
Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide
Cybersecurity researchers have shed light on a darknet marketplace called InTheBox that's designed to specifically cater to mobile malwa...
Read More
Understanding NIST CSF to assess your organization's Ransomware readiness
Ransomware attacks keep increasing in volume and impact largely due to organizations' weak security controls. Mid-market companies are t...
Read More
Telcom and BPO Companies Under Attack by SIM Swapping Hackers
A persistent intrusion campaign has set its eyes on telecommunications and business process outsourcing (BPO) companies at lease since June ...
Read More
Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
The maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that c...
Read More
BlackProxies – A Criminal Proxy Services Selling a Million Access to Hackers
DomainTools analysts have recently spotted a new residential proxy market which is dubbed “BlackProxies” that is aggressively gaining huge p...
Read More
Better together: Offsetting cybersecurity’s labor challenges with API integrations
To offset cybersecurity labor challenges, adopt security tools and platforms with a deep library of API and third-party integrations. This a...
Read More
10 Best Bot Protection Software – 2023
Bot protection software or bot mitigation software plays a vital role in protecting websites and web apps from malicious traffic. A ‘bot’ (s...
Read More
Critical RCE Flaw With 2M Downloaded Android Remote Keyboard Apps Let Attackers Access keystrokes
Multiple critical vulnerabilities were found by the security researchers at Synopsys in three Android apps that enable users to control comp...
Read More
New Flaw in Acer Laptops Let Attackers Disable Boot Protection
Experts from Acer observed multiple Acer laptop models have vulnerabilities that might let hackers disable the ‘Secure Boot’ function and se...
Read More
Irish Regulator Fines Facebook $277 Million for Leak of Half a Billion Users' Data
Ireland's Data Protection Commission (DPC) has levied fines of €265 million ($277 million) against Meta Platforms for failing to safegua...
Read More
The 5 Cornerstones for an Effective Cyber Security Awareness Training
It's not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking ...
Read More
Over a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote Attacks
Over a dozen security flaws have been discovered in baseboard management controller (BMC) firmware from Lanner that could expose operational...
Read More
U.S. Banned Chinese Telecom & Surveillance Cameras That Pose National Security Threat
The US has banned the import and sale of Chinese telecom equipment and security camera systems from Huawei, ZTE, Hytera Communications, Hikv...
Read More
Massive Twitter Breach – Over 5.4 Million users’ Data Leaked Online
It has been discovered recently that over 5.4 million personal records of Twitter users have been stolen by threat actors and publicly expos...
Read More
Compromised Data of Over 9 Million Health Insurance Users Is Being Exposed On the Dark Web
After hitting Australian telecommunications company Optus, in which the information of over 9 million users has been exposed, cybercriminals...
Read More
Elon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct Messages
Twitter chief executive Elon Musk confirmed plans for end-to-end encryption (E2EE) for direct messages on the platform. The feature is part ...
Read More
Reasons for Being Updated ISO 27001 Crucial For Business Security
The supplier of the UK’s National Health Service, Advanced, faced a cyberattack on 4 august 2022 in the morning. It worked as a vicious ex...
Read More
All You Need to Know About Emotet in 2022
For 6 months, the infamous Emotet botnet has shown almost no activity, and now it's distributing malicious spam. Let's dive into det...
Read More
Update Chrome Browser Now to Patch New Actively Exploited Zero-Day Flaw
Google on Thursday released software updates to address yet another zero-day flaw in its Chrome web browser. Tracked as CVE-2022-4135, the h...
Read More
Subscribe to:
Posts (Atom)