A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...
At the end of last year, a major American automobile manufacturer, whose name has not been disclosed, fell victim to a targeted attack orchestrated by the hacker group FIN7. According to researchers from BlackBerry,...
Forescout has detected a new campaign exploiting a vulnerability in Fortinet FortiClient EMS devices to disseminate malware. The SQL injection vulnerability, CVE-2023-48788 (CVSS score: 9.8), enables unauthorized attackers to execute code through specially crafted...
A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...
Since 2015, certain Ukrainian government networks have remained infected with a malicious program known as OfflRouter. Researchers from Cisco Talos have analyzed over 100 infected documents, which enabled them to identify the virus’s ongoing...
American mobile service providers T-Mobile and Verizon have been besieged by a wave of cybercriminal attacks, wherein employees are bombarded with messages on both personal and work phones offering financial incentives for engaging in...
Fortinet reports that malicious actors continue to exploit a year-old vulnerability in TP-Link routers, incorporating them into various botnets for conducting DDoS attacks. The command injection vulnerability, CVE-2023-1389 (CVSS score: 8.8), was identified at...
In the first quarter of 2024, the Philippines witnessed a sharp increase in cyberattacks amid escalating tensions in the South China Sea, as reported by Resecurity. Compared to the same period last year, the...
In 2023, the United States food and agriculture sector encountered no fewer than 167 ransomware attacks, ranking it as the seventh most vulnerable among all industries in the country, according to the inaugural annual...
The developers of PuTTY are issuing a warning about a critical vulnerability affecting versions 0.68 to 0.80, which could potentially allow an attacker to completely reconstruct private NIST-P521 keys. The vulnerability, identified as CVE-2024-31497,...
International cybersecurity is under threat following a discovery by Cisco Talos experts of a large-scale credential stuffing campaign targeting VPN and SSH services of companies including Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti. The campaign...
Palo Alto Networks’ Unit 42 reports that the cybercriminal group Muddled Libra is actively targeting cloud applications and cloud service providers in a bid to steal confidential data. According to the report, the attackers...
Recently, the cybercriminal group TA558 has significantly increased its malicious activities, attacking organizations worldwide with various types of malware. Security specialists from Positive Technologies have identified over 320 attacks carried out by this group....
The cybercriminal group Daixin Team has claimed responsibility for the recent attack on the Omni Hotels & Resorts network and threatens to release confidential customer information unless a ransom is paid. Omni Hotels operates...
The latest study by Kaspersky Lab delves into the ramifications of the LockBit 3.0 builder leak that occurred in 2022. This event significantly empowered cybercriminals to create highly customizable malicious software versions, enhancing the...
A third-party company responsible for the telecommunication services used in Cisco Duo’s multi-factor authentication (MFA) system was subjected to a cyberattack employing social engineering tactics. Consequently, Cisco has urged its clients to exercise extreme...