ESET analyzed 17 espionage frameworks designed to target air-gapped networks, finding that they all leverage USB drives and are meant to target Windows systems. The list of these frameworks has been developed over the course of 15 years, but the last…

Finland's National Cyber Security Center (NCSC-FI) issued an alert about a FluBot malware campaign that has been targeting Android users in the country since July 2021. The infamous banking malware, now active in Finland, has affected thousands of users…

According to the FBI, threat actors behind the Cuba ransomware variant have already amassed $44m through targeting at least 49 victims.  The FBI noted that the group had demanded at least $74m from its victims. These victims frequently come from…

The Delta-Montrose Electric Association (DMEA) in Colorado faced a severe hack that resulted in the takedown of 90 percent of its internal systems and the loss of 25 years of historical data. The incident affected the company's customer service systems,…

Like sighted people, blind people post on Instagram, text photos to group chats, and more. They also learn about their visual surroundings through photos. Blind users often share their images with Microsoft's Seeing AI, Be My Eyes, and other…

Threat researchers at Lookout are helping to take down a phishing campaign targeting members of the United States military and their families. The scammers behind the long-running campaign impersonate military support organizations and personnel to…

According to researchers, online fraudsters have reacted quickly to news of a potentially new severe COVID-19 variant and have carefully crafted a phishing email campaign.  Consumer rights group Which? spotted the email, which is designed to appear…

Researchers from the Ruhr University Bochum (RUB) and Niederrhein University of Applied Sciences have discovered 14 new types of attacks on web browsers. These attacks are known as cross-site leaks (XS-Leaks). Through the use of XS-Leaks, a malicious…

​Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers.

The Los Angeles branch of Planned Parenthood was hit by a data breach involving about 400,000 patients. However, there is no indication that the information accessed by the adversary was used for fraudulent purposes the group said. The organization…

Security researchers at Group-IB have recorded a 935% year-on-year increase in double extortion attacks, with data from over 2300 companies posted onto ransomware extortion sites. The Group-IB findings are from the second half of 2020 to the first half…

The BlackByte ransomware gang is breaching corporate networks through the exploitation of Microsoft Exchange ProxyShell vulnerabilities. The ProxyShell vulnerabilities can be chained together to enable unauthenticated, remote code execution, thus…