In a recent report by Trend Micro, the cybercriminal group known as Pawn Storm, engaged in hacking operations targeting key global organizations since 2004, is detailed. Despite the seemingly outdated nature of their methods,...
In Italy, cybercriminal activity known as UNC4990, which employs infected USB devices to launch attacks across various sectors including healthcare, transportation, construction, and logistics, was reported by Mandiant on January 30. Active since late...
For several months, an exceptionally sensitive trove of data belonging to Binance lingered in a public GitHub repository. As revealed by 404 Media, this dataset encompassed codes, infrastructure blueprints, internal passwords, and other technical...
Ivanti has released a suite of patches for vulnerabilities in its Connect Secure (ICS) and Policy Secure (IPS) gateways. Concurrently, the company has identified two new zero-day vulnerabilities, one of which is being actively...
In November 2023 and January 2024, Myanmar’s Ministry of Defense and Ministry of Foreign Affairs were targeted by cyberattacks, presumably orchestrated by the Chinese hacker collective known as Mustang Panda. This information was disclosed...
In a collaborative effort between ESET and the Brazilian Federal Police, significant strides were made to dismantle the activities of the Grandoreiro botnet, which led to victims incurring losses of $3.9 million. According to...
Fulton County, Georgia’s most populous district, with a population exceeding one million inhabitants, encountered a significant disruption in its information systems due to a cyberattack over the weekend. The county’s Board of Commissioners announced...
CyberArk has released an online version of its White Phoenix tool, a free decryptor for files compromised by ransomware using intermittent encryption. Initially presented in May last year as a Python project on GitHub,...
Cybersecurity experts recently detected a resurgence of the ZLoader malware campaign, nearly two years after the botnet’s infrastructure was dismantled in April 2022. Zscaler reports the development of a new variant of ZLoader since...
Experts at Resecurity have uncovered a substantial compromise in the dark web involving over 1,570 stolen client credentials from four out of the five largest internet Regional Internet Registries (RIRs), including RIPE, APNIC, AFRINIC,...
Recently, a significant local privilege escalation (LPE) vulnerability was identified in the GNU C Library (glibc). Tracked as CVE-2023-6246, this security flaw stems from the “__vsyslog_internal()” function in glibc, responsible for logging messages in...
Cybersecurity researchers have identified a new variant of the Phobos ransomware family named Faust, as reported by FortiGuard Labs of Fortinet. Faust, part of the Phobos lineage including Eking, Eight, Elbie, Devos, and 8Base,...
Automotive giant Mercedes-Benz narrowly avoided a significant leak of confidential internal data. Cybersecurity firm RedHunt Labs discovered that a Mercedes employee had inadvertently left a developer key publicly accessible online, offering unrestricted access to...
A Canadian court has sentenced 33-year-old Matthew Philbert to two years in prison after he pleaded guilty to disseminating ransomware and launching malicious attacks on individuals, businesses, and government institutions. Philbert, arrested in Canada...
Researchers from Trustwave have reported a steady increase in the use of a Phishing-as-a-Service (PhaaS) platform called Greatness, which targets the collection of Microsoft 365 user credentials. Greatness is marketed to other cybercriminals as...
Security experts from Malwarebytes have recently uncovered a malicious campaign targeting Chinese-speaking users, who fell victim to cybercriminals through the Google Ads advertising service. Cybercriminals exploited Google advertiser accounts to create fraudulent ads that...
