News
-
"Malware-as-a-Service Flaunts Its Tally of Users and Victims"
DuckLogs is a new Malware-as-a-Service (MaaS) operation that provides low-skilled attackers with easy access to several modules to steal information, log keystrokes, read clipboard data, and get remote access to a compromised host. A recent Cyble…
-
"Ransomware Leads to Nantucket Public Schools Shutdown"
For the second day in a row, public schools on the tiny island of Nantucket remained closed Wednesday as administrators scrambled to cope with a ransomware attack on its computer systems. Nantucket’s five public schools shut their doors to students…
-
"PoC of VMware vRealize Log Insight Vulnerabilities Said to Launch RCE"
Researchers published a Proof-of-Concept (PoC) of a series of VMware vRealize Log Insight vulnerabilities to show that attackers could exploit the flaws to perform Remote Code Execution (RCE) as root. VMware recently provided patches and workarounds for…
-
"87 Percent of Container Images Have High-Risk Vulnerabilities"
According to a new report from Sysdig, security teams are facing a large number of container vulnerabilities due to the nature of modern software design and the sharing of open-source images. Based on real-world data sets encompassing billions of…
-
"A Fresh Look at Restoring Power to the Grid"
Computer scientists at Sandia National Laboratories have been developing an innovative computer model to help grid operators quickly restore power to the grid following disruptions such as a successful cyberattack or extreme weather events. This…
-
"Cybercrime Is World's Third-Largest Economy Thanks to Booming Black Market"
According to the World Economic Forum (WEF), cybercrime has become the world's third-largest economy, following the US and China. Cybercrime is estimated to cost $8 trillion globally in 2023 and $10.5 trillion in 2025, according to Cybersecurity Ventures…
-
"Almost all Organizations are Working with Recently Breached Vendors"
With the rise of supply chain attacks, the security of suppliers, clients, and business partners is under increased scrutiny. This led security rating provider SecurityScorecard and the Cyentia Institute to investigate organizations' worldwide…
-
"BEC Group Uses Open Source Tactics in Hundreds of Attacks"
Security researchers at Abnormal Security have warned of a highly successful new business email compromise (BEC) group that has targeted hundreds of victims in the past two years using fairly unsophisticated techniques. Dubbed “Firebrick Ostrich,”…
-
"Hackers Lifted $3.8 Billion From Crypto Investors in 2022"
According to researchers at Chainalysis, hackers stole $3.8 billion from crypto investors in 2022, a 13% increase from 2021 and a new all-time high for the annual theft of digital coins. This rise in crypto hacks is just the latest…
-
"New LockBit Green Ransomware Variant Borrows Code From Conti Ransomware"
LockBit ransomware operators have introduced a new version of their malware called LockBit Green, which targets cloud-based services. After LockBit Red and LockBit Black, this is the third version of ransomware created by the gang. Affiliates of the…
-
"Over 29,000 QNAP Devices Unpatched Against New Critical Flaw"
Tens of thousands of QNAP Network-Attached Storage (NAS) devices are awaiting a patch for a recently addressed critical security vulnerability. This SQL injection vulnerability can be used by remote threat actors to inject malicious code in attacks…
-
"Prilex POS Malware Evolves to Block Contactless Payments to Steal from NFC Cards"
The Brazilian threat actors behind Prilex, a sophisticated and modular point-of-sale (POS) malware, have reemerged with new updates that enable it to prevent contactless payment transactions. Researchers identified three variants of Prilex that can…