BidenCash, a carding marketplace on the dark web, has exposed two million valid payment cards. As legitimate businesses celebrate birthdays by offering discounts, hackers distribute stolen items. BidenCash announced that it would be distributing credit…

Researchers from the cybersecurity company Uptycs warn of attacks using the Parallax Remote Access Trojan (RAT) on cryptocurrency organizations. Since December 2019, the Parallax RAT has been spread via malvertising and phishing attacks. Common RAT…

According to Oort, zero-day flaws are no longer required for successful system attacks, as threat actors increasingly focus on compromising identities through techniques such as evading multi-factor authentication (MFA), hijacking sessions, and brute-…

Satellite television company Dish Network has recently revealed that ransomware was the cause of a multi-day outage impacting customers.  The Colorado-headquartered firm, which also owns wireless service provider Boost Mobile and streaming provider…

Bitdefender has released a free decryptor for the MortalKombat ransomware that victims can use to recover their files without paying the demanded ransom. The release of a functional decryptor for the strain follows its emergence in January 2023, when…

A vulnerable Kubernetes container and weak permissions enabled an adversary to transform an opportunistic cryptojacking attack into a widespread invasion impacting intellectual property and sensitive data. The attack, dubbed "SCARLETEEL" by the cloud…

BlackLotus, a stealthy Unified Extensible Firmware Interface (UEFI) bootkit, is the first publicly known malware that can circumvent Secure Boot protections, making it a major cyber threat. According to a report by ESET, this bootkit can operate on…

Clemson University is opening a National Center where researchers will develop new methods to bolster the transportation system security against cyberattacks. The new National Center for Transportation Cybersecurity and Resilience (TraCR) will receive a…

There has been much discussion about how hackers might benefit from ChatGPT, the OpenAI-trained Artificial Intelligence (AI) chatbot, but it is important to also examine how cybersecurity experts can use this tool. In 2022, the Large Language Model (LLM…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) has released a Cybersecurity Advisory (CSA) titled "CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks," describing a red team…

According to SonicWall's 2023 Cyber Threat Report, state-sponsored threat actors are shifting their attention toward small and midsize businesses (SMBs). While large companies, public services, and crucial national infrastructure have historically been…

Pentera surveyed 300 CIOs, CISOs, and security leaders from businesses in Europe and the US, revealing that a cyberattack had impacted 88 percent of organizations over the past two years. The Pentera study finds that this is the case despite companies…