News
-
"Alleged Seller of NetWire RAT Arrested in Croatia"As part of a global law enforcement operation, federal authorities in Los Angeles successfully seized a domain used by cybercriminals to distribute the NetWire Remote Access Trojan (RAT). The NetWire RAT enabled cybercriminals to take control of infected…
-
"Akamai Mitigates Record-Breaking 900Gbps DDoS Attack in Asia"Akamai mitigated the largest Distributed Denial-of-Service (DDoS) attack ever launched against a customer in the Asia-Pacific region. DDoS is an attack that delivers a high volume of garbage requests to a targeted server, therefore depleting its capacity…
-
"Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant"ThreatFabric's most recent research reveals that a new variant of the Android banking Trojan known as Xenomorph has been seen in the wild. Hadoken Security Group, the threat actor behind the operation, dubbed the updated version "Xenomorph 3rd generation…
-
"IceFire Ransomware Portends a Broader Shift From Windows to Linux"Hackers have launched the IceFire ransomware against Linux enterprise networks, a notable change for malware that was once exclusive to Windows. According to a report by SentinelOne, this may reflect an emerging trend. Recently, ransomware actors have…
-
"5 Best Practices from Industry for Implementing a Zero Trust Architecture"Researchers at Carnegie Mellon University (CMU) have detailed five zero trust best practices. When considering going through a zero trust transformation, it is crucial to develop and maintain a comprehensive inventory of Data, Applications, Assets, and…
-
"SAFECOM and NCSWIC Release LLA and LLE: Are You Really Secure?"The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) is bringing attention to whether there is true security when using a Land Mobile Radio (LMR). Most Project 25 (P25) radio systems include built-in safeguards,…
-
"DC Healthcare Exchange Breach Leaked Sensitive Data of Congress Members, Staff"Congress was notified about a data breach involving the DC Health Link healthcare exchange platform, which exposed personal information belonging to members and staff of the legislative body. According to a letter from Catherine Szpindor, the chief…
-
"Fake ChatGPT Chrome Extension Pilfers Facebook Accounts"Researchers at the cybersecurity firm Guardio discovered that a malicious browser extension called "Quick access to Chat GPT" tries to hijack Facebook accounts and distribute itself in a "worm-like" fashion. Additionally, the extension collects browser…
-
"Fifth of Government Workers Don't Care if Employer is Hacked"Security researchers at Ivanti have discovered that a culture of unaccountability, poor cyber hygiene, and limited staff training are creating a perfect storm of cyber risk for governments worldwide, with many workers unbothered about the prospect of a…
-
"Massive GitHub Analysis Reveals 10 Million Secrets in 1 Billion Commits"GitGuardian scanned 1.02 billion new GitHub commits in 2022, a 20 percent increase from 2021, and discovered 10 million instances of secrets, a 67 percent increase. There is a misconception that junior developers are mostly responsible for hard-coded…
-
"Bitwarden Flaw Can Let Hackers Steal Passwords Using iframes"Bitwarden is a popular open-source password management solution with a web browser extension that stores account usernames and passwords in an encrypted vault. Bitwarden's auto-fill functionality for credentials exhibits a risky behavior that could allow…
-
"New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic"The cryptocurrency mining group called 8220 Gang has been using a new crypter called ScrubCrypt in cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain begins with successfully exploiting vulnerable Oracle WebLogic servers to…