According to a recent study conducted by the cybersecurity firm Horizon3.ai, ineffective credential policies and a lax approach to patching were among the most common points of Information Technology (IT) security failure for organizations in 2022. The…

Vesuvius, a UK-based molten metal flow engineering company, recently issued an alert on February 6, 2023, which stated it was "currently managing a cyber incident, which involved unauthorized access to their systems." The ceramics manufacturer is listed…

The LockBit ransomware gang has claimed responsibility for the cyberattack on Royal Mail, the leading mail delivery service in the UK, which halted the company's international shipping operations due to severe service disruption. This comes after…

The Royal Ransomware group has now added support for encrypting Linux devices and targeting VMWare ESXi virtual machines. Other ransomware operators, including AvosLocker, Black Basta, BlackMatter, HelloKitty, Hive, LockBit, Luna, Nevada, RansomEXX, and…

Using Sunlogin software vulnerabilities, threat actors are deploying the Sliver command-and-control (C2) framework for post-exploitation activities. The AhnLab Security Emergency Response Center (ASEC) discovered that security vulnerabilities in Sunlogin…

The Linux variant of the Cl0p ransomware contains flawed encryption logic, which allowed researchers from SentinelOne to develop and release a free decryptor. Using the asymmetric algorithm RSA and a public key, the Windows variant of Cl0p encrypts the…

European cybersecurity authorities warn of active network exploitation of a nearly two-year-old VMWare ESXi flaw by ransomware attackers. ESXiArgs is the name given to the campaign because, after encrypting a file, the ransomware creates an extra file…

Security researchers at Cleafy have discovered a new Android banking Trojan dubbed "PixPirate" targeting financial institutions in Brazil between the end of 2022 and the beginning of this year.  The researchers stated that PixPirate belongs to the…

European police have recently arrested 42 suspects and seized guns, drugs, and millions in cash, after cracking another encrypted online messaging service used by criminals.  Police launched raids on 79 premises in Belgium, Germany, and the…

A cyberattack caused a nearly daylong outage of the nation’s new 988 mental health helpline late last year. Lawmakers are now calling for the federal agency that oversees the program to prevent future attacks. A spokeswoman for the Substance Abuse and…

PeopleConnect-owned background check services Instant Checkmate and TruthFinder have recently disclosed data breaches affecting a total of more than 20 million users.  In individual data breach notices published on February 3, the organizations…

Security researchers at Check Point have warned that a popular cryptocurrency is a scam after spotting backdoor functionality designed to effectively steal users’ funds.  Dingo Token is relatively small by cryptocurrency standards: its market cap of…