Category: Threats & Malware

April 1, 2024

Jamf Threat Labs researchers analyzed info stealer malware attacks targeting macOS users via malicious ads and rogue websites. One of the attacks spotted by the researchers relied on sponsored ads proposed to the users while searching for “Arc Browser” on […]

April 1, 2024

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. “Vultur has also started […]

March 29, 2024

Identified on April 17, the attack impacted systems associated with Point32Health’s Harvard Pilgrim Health Care brand, including systems serving Harvard Pilgrim Health Care Commercial and Medicare Advantage Stride plans and “used to service members, accounts, brokers, and providers”. “The investigation […]

March 27, 2024

Cybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers said. Undergrounds forums teem with hackers’ discussions about how to exploit […]

March 27, 2024

The Black Lotus Labs team at Lumen Technologies uncovered an updated version of “TheMoon” bot targeting end-of-life (EoL) small home/small office (SOHO) routers and IoT devices. The new version of the bot has been spotted infecting thousands of outdated devices […]

March 26, 2024

There are two main ways to recover encrypted data in a ransomware attack: restoring from backups and paying the ransom. Compromising an organization’s backups enables adversaries to restrict their victim’s ability to recover encrypted data and dial-up the pressure to […]

March 25, 2024

If your Windows domain controllers have been crashing since a security update was installed earlier this month, there’s no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the […]

March 25, 2024

Proofpoint researchers observed the Iran-linked APT group MuddyWater (aka SeedWorm, TEMP.Zagros, TA450, and Static Kitten) was behind a new phishing campaign in March 2024 that attempted to drop a legitimate Remote Monitoring and Management (RMM) solution called Atera on the […]

March 21, 2024

93% of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47% last year, according to Thales. The number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Despite this […]

March 20, 2024

Data loss is a problem stemming from the interaction between humans and machines, and ‘careless users’ are much more likely to cause those incidents than compromised or misconfigured systems, according to Proofpoint. While organizations are investing in ​Data Loss Prevention […]

March 20, 2024

Trend Micro researchers are exploiting the recently disclosed vulnerabilities CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score 7.3) security flaws in JetBrains TeamCity to deploy multiple malware families and gain administrative control over impacted systems. In early March, Rapid7 researchers […]

March 19, 2024

Mintlify helps developers generate code documentation. It requires access to the source code, such as GitHub repositories, to analyze it, understand its purpose, and create descriptions. In an incident notice on its website, the San Francisco-based company says that 91 […]

March 19, 2024

The Ukraine cyber police and the national police have arrested three individuals who are suspected to have hacked over 100 million emails and Instagram accounts worldwide and offered them for sale. The three men obtained the account credentials by carrying […]

March 18, 2024

The research focused on WebGPU, an API that enables web developers to use the underlying system’s GPU to carry out high-performance computations in a web browser. By leveraging this API, they have demonstrated an attack that works entirely from the […]

March 18, 2024

According to the company, it discovered that multiple work computers within its environment were infected with malware and disconnected them from the network. Furthermore, Fujitsu said in an incident notification written in Japanse, the investigation into the attack has revealed […]

March 15, 2024

A French government agency suffered a cyberattack which has apparently resulted in the country’s largest-ever data leak incident, affecting as many as 43 million victims. The agency is called France Travail, the country’s unemployment registry and assistance organization, which helps […]

March 14, 2024

Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New Zealand National […]

March 14, 2024

Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. “An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS […]

March 13, 2024

In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos. Attackers subsequently use this stolen information to gain unauthorized remote access, extort victims, deploy ransomware, […]

March 12, 2024

On January 24, the company announced that some of its systems were taken offline due to “a technical issue” and that services would be disrupted for several days. EquiLend, which confirmed the next day that the disruption was caused by […]