An updated version of the commodity malware known as Legion includes enhanced capabilities to compromise SSH servers and Amazon Web Services (AWS) credentials linked to DynamoDB and CloudWatch. Cado Labs researcher Matt Muir said the recent update…

Since 2019, a relatively unknown Advanced Persistent Threat (APT) group called GoldenJackal has been conducting espionage against government and diplomatic entities in Asia. The threat actors have maintained a low profile for hiding, carefully selecting…

For users seeking to modify their privacy settings on websites such as Facebook and Google, the process often feels like a scavenger hunt. In many cases, these settings are spread across multiple pages, requiring at least five clicks to locate the…

iRecorder - Screen Recorder is a trojanized Android app discovered by ESET researchers. It was available as a legitimate app on Google Play in September 2021, and malicious functionality was likely introduced in August 2022. During its existence, more…

The US Department of the Treasury recently announced sanctions against four entities and one individual for engaging in malicious cyber activities on behalf of the North Korean government.  The US Department of the Treasury stated that North Korean…

A massive credential-harvesting campaign uses the legitimate email newsletter program SuperMailer to send out a large number of phishing emails designed to circumvent Secure Email Gateway (SEG) protections. Cofense reported on May 23 that SuperMailer-…

A team of researchers from UC San Diego and Purdue University has discovered a hidden feature of Intel processors that can enhance security, including shutting down an entire class of Spectre attacks capable of providing an attacker with sensitive…

The National Security Agency (NSA) and several partners have released the "#StopRansomware Guide" Cybersecurity Information Sheet (CSI) to help network defenders protect against malicious cyber actors' evolving ransomware tactics. The US Homeland…

In an attack on Apria Healthcare, cybercriminals stole the credit card information of nearly two million customers. Apria is a leading provider of home medical equipment delivery and clinical support in the US. The attackers reportedly stole financial…

Security researchers at ClearSky have discovered a sophisticated watering hole attack targeting multiple Israeli websites.  The malicious attempt, believed to be conducted by a nation-state actor from Iran, has raised concerns about the security of…

In March 2023, researchers detected a previously unknown Advanced Persistent Threat (APT) group, Bad Magic, also known as Red Stinger, which targeted organizations in the region of the Russo-Ukrainian conflict. The attackers were seen using PowerMagic…

Different information-stealing malware strains have been distributed using websites posing as the TikTok video editor CapCut in different campaigns. A Cyble report revealed that the threat actors behind the first campaign used fraudulent CapCut websites…