In February, a high-profile cyberattack on Change Healthcare caused significant disruptions in the operations of US medical facilities. Andrew Witty, CEO of UnitedHealth Group (the parent company of Change Healthcare), revealed that the attack...
The hacker group, dubbed Muddling Meerkat by security researchers, has been utilizing sophisticated Domain Name System (DNS) methodologies to conduct espionage activities across global networks since October 2019. According to Infoblox, a firm specializing...
An international team of scientists, led by specialists from the University of California, San Diego, has identified a new type of attack targeting the branch prediction component at the microarchitectural level. The findings, which...
The Czech cybersecurity firm Avast has been fined $14.8 million for violating the GDPR. The fine was imposed by the Czech Office for Personal Data Protection (ÚOOÚ) following an investigation into the activities of...
In a recent campaign involving the dissemination of the AgentTesla malware, as meticulously analyzed by experts at SonicWall, perpetrators employed VBA macros in Word documents to conduct a fileless injection attack, where the malicious...
Researchers from Sekoia have revealed alarming details about the malicious worm PlugX, which, having been abandoned by its creators many years ago, continues to autonomously spread and infect millions of computers worldwide. PlugX, believed...
The Lazarus Group, a notorious hacking collective traditionally associated with North Korea, utilized enticing job offers to deliver a new Remote Access Trojan (RAT) known as Kaolin RAT during attacks targeting individuals in Asia...
Researchers have uncovered a hacking campaign known as DEV#POPPER, targeting software developers. The perpetrators disguise themselves as employers and distribute fictitious job offers to IT specialists. Their true intent is to implant a dangerous...
The Reserve Bank of India has imposed a ban on Kotak Mahindra Bank, prohibiting the registration of new customers via online services and applications. This measure was taken after “significant deficiencies” were identified in...
Over 1,400 internet-accessible CrushFTP servers are vulnerable to attacks exploiting the critical server vulnerability CVE-2024-4040. This flaw, whose active exploitation was previously reported at the beginning of the week, allows unauthorized attackers to access...
Cybercriminals have begun to exploit a critical vulnerability in the WP Automatic plugin for WordPress, enabling them to create accounts with administrative privileges and install backdoors for long-term access. Installed on over 30,000 sites,...
In recent weeks, there has been an intensification of cyberattacks on Indian government bodies, initiated by groups linked to Pakistan. The analytical team at Seqrite Labs has identified several campaigns in which remote access...
