News
-
"75% of Education Sector Attacks Linked to Compromised Accounts"According to security researchers at Netwrix, 69% of organizations in the education sector suffered a cyberattack within the last 12 months. Phishing and user account compromise were the most common attack paths for these organizations, while…
-
"Lazarus Steals $41M From Virtual Betting Site"The FBI has revealed that the North Korean threat group Lazarus stole $41 million in cryptocurrencies from Stake[.]com, including Ethereum. According to the FBI, its investigation has found that North Korean cyber actors moved stolen funds associated…
-
"New Phishing Campaign Launched via Google Looker Studio"Security researchers at Check Point have observed threat actors using Google Looker Studio to create fake crypto pages that are then delivered to the intended victims in emails sent from the legitimate tool itself. The message contains a link to…
-
"Emsisoft Tells Users to Update Products, Reboot Systems Due to Certificate Mishap"Endpoint security firm Emsisoft urges its users to update their anti-malware and other security products and reboot their systems after using an improperly issued digital certificate to sign them. The company stated that the problem affects its…
-
"Patch 'Em or Weep: Study Reveals Most Vulnerable IoT, Connected Assets"Armis, a company specializing in asset visibility and security, has identified the connected assets that pose the greatest threat to global enterprises. New research from Armis, based on an analysis from its Asset Intelligence Engine, focuses on…
-
"Atomic macOS Stealer Malware Delivered via Malvertising Campaign"According to security researchers at Malwarebytes, a piece of malware named Atomic macOS Stealer, or AMOS, has been delivered by cyber criminals through a malvertising campaign. AMOS emerged in the spring when its creators started advertising it…
-
"North Korean Hackers Target Security Researchers With Zero-Day Exploit"Using a zero-day exploit, North Korean threat actors are attempting to compromise the machines of security researchers. The warning comes from Google's security researchers Clement Lecigne and Maddie Stone, who have described the government-backed attack…
-
"Iranian Hackers Breach US Aviation Org via Zoho, Fortinet Bugs"The US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the US Cyber Command (USCYBERCOM) published a joint advisory revealing that state-sponsored hacking groups exploited critical Zoho and Fortinet vulnerabilities to compromise a…
-
"Weaponized Windows Installers Target Graphic Designers in Crypto Heist"A cryptocurrency-mining campaign targeting 3D modelers and graphic designers with malicious versions of a legitimate Windows installer tool has been ongoing since at least November 2021. According to a report by Cisco Talos Threat Researcher Chetan…
-
"Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones"Apple has released emergency security updates for iOS, iPadOS, macOS, and watchOS to patch two zero-day vulnerabilities exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The first vulnerability, tracked as CVE-2023-41061, is a…
-
"Trustwave Releases New SpiderLabs Research Focused on Actionable Cybersecurity Intelligence for the Hospitality Industry"In a report titled "2023 Hospitality Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies," Trustwave shares research on the cybersecurity risks faced by the hospitality industry. Trustwave SpiderLabs has documented…
-
"Exposing Deepfake Imagery"Deepfakes, or images and videos created or altered by Artificial Intelligence (AI), are becoming increasingly sophisticated, causing widespread concern among scientists, journalists, and government officials. Rushit Dave, a computer scientist at…