Security researchers at Check Point Research have discovered that a malicious live software service named TrickGate has been used by threat actors to bypass endpoint detection and response (EDR) protection software for over six years.  The…

Researchers in the UK have discovered vulnerabilities in the Power Management Bus (PMBus) for processors that can render server boards inoperable. Zitai Chen and David Oswald of the University of Birmingham identified the PMFault vulnerabilities in the…

Microsoft has urged administrators of on-premises Exchange servers to keep them patched and updated, warning that attackers "are not going to go away." The company stated that customers should install the latest available Cumulative Update (CU) and…

In recent months, the Google Play Store has housed an increasing amount of malicious activity, according to a new study. A study by Dr.Web discovered a significant rate of spyware, as well as a large number of fake apps and Trojans, intended to subscribe…

The Russia-Ukraine war emboldened cybercriminals, and Ransomware-as-a-Service (RaaS) began to flourish in 2022, presenting more challenges for enterprise security. According to the report "Global Cyber Security Outlook 2023" from the World Economic Forum…

A cyberattack on the fashion retailer JD Sports has resulted in the exposure of millions of customers' personal information. The company disclosed that as many as ten million user accounts may have been compromised. Names, phone numbers, order details,…

Ukrainian cyber experts have discovered multiple pieces of destructive malware that, earlier this month, were used in an attack targeting the country’s national news agency (Ukrinform).  After being asked by Ukrinform to investigate, a team at the…

Gamaredon, a Russian cyber espionage group, may have been responsible for the recent phishing attack on Latvia's Ministry of Defense. Several employees of the ministry received malicious emails from hackers posing as Ukrainian government officials, but…

Pro-Russian hackers took notice of Germany's decision to send 14 Leopard 2 tanks to Ukraine. The number of cyberattacks on German targets jumped by 35 percent after Chancellor Olaf Scholz agreed to provide tanks to Ukraine. According to the cyber…

Gurucul reports that 3 percent of cybersecurity professionals it surveyed are not worried about insider risk. With responses from more than 325 cybersecurity professionals, this research examines the most recent trends and challenges that organizations…

Google's Threat Analysis Group (TAG) has been working to disrupt the online presence of the pro-Chinese Influence Operation (IO) Dragonbridge, also known as Spamoflage Dragon, eradicating over 50,000 instances of activity across Twitter, YouTube, Blogger…

The UNC2565 group behind the GOOTLOADER malware, also known as Gootkit, continues to develop their code by adding new components and adopting new obfuscation techniques, according to researchers at Mandiant. Gootkit uses an Access-as-a-Service (AaaS)…