A new campaign spreading the RomCom backdoor malware impersonates the websites of well-known or fictitious software in order to deceive users into downloading and launching malicious installers. Trend Micro researchers, who have tracked RomCom since the…

According to Fortinet, protecting Operational Technology (OT) systems is more important than ever as more organizations connect their OT environments to the Internet. While the convergence of Information Technology (IT) and OT has numerous advantages, it…

It has been discovered that spyware masquerading as a marketing Software Development Kit (SDK) has infested 101 Android apps, with over 421 million downloads. Researchers at Doctor Web refer to the malicious SDK as "SpinOk" and report that it is…

EPFL researchers collaborated with the International Committee of the Red Cross (ICRC) to develop a privacy-preserving humanitarian aid distribution system. The system's design uses tokens to decentralize the storage and processing of recipient data,…

GobRAT, a new Remote Access Trojan (RAT) written in the Go programming language, targets Linux routers in Japan, according to the JPCERT Coordination Center. To execute malicious scripts and deploy the GobRAT malware, threat actors are targeting Linux…

The University of Arkansas at Little Rock and its partners have announced the expansion of the Emerging Threat Information Sharing and Analysis Center (ET-ISAC) to bolster the fight against the growing risk of cyberattacks in the energy sector. This new…

Cybersecurity researchers at Trend Micro have discovered a new information-stealing malware targeting browsers and cryptocurrency wallets. The malware called Bandit Stealer has only targeted Windows systems so far, but it can potentially spread to other…

Cybersecurity researchers at Trend Micro have warned about CAPTCHA-breaking services being offered for sale to circumvent systems designed to differentiate between legitimate users and bot traffic. CAPTCHA, which stands for Completely Automated Public…

A new 'File Archivers in the Browser' phishing kit exploits ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser in order to trick users into launching malicious files. Google recently began allowing the registration of…

Max Ahartz, a penetration tester, realized that building a custom cracking rig for research would be costly, so he built one on Amazon Web Services (AWS). In an interview with Help Net Security, he discussed the process and the specifics of his creation…

As the summer holiday season approaches, travel-themed phishing scams are gathering momentum, posing a significant threat to individuals and organizations. According to a recent McAfee survey, 30 percent of adults have fallen victim to or know someone…

The second-largest health insurer in Massachusetts was recently the victim of a ransomware attack in which sensitive personal information and health information of current and past members may have been compromised.  Point32Health stated that a “…