Group-IB found almost three dozen groups of Russian hackers using the stealer-as-a-service model to spread infostealer malware. An infostealer is a type of malware that collects browser credentials, payment card numbers, and cryptocurrency wallet…

A new Malware-as-a-Service (MaaS) operation called 'DuckLogs' is providing low-skilled attackers with easy access to multiple modules for data theft, keystroke logging, clipboard data access, and remote access to the compromised host. DuckLogs is…

A previously unknown Go-based malware is targeting Redis servers with the intent of taking control of infected systems and likely establishing a botnet network. According to cloud security firm Aqua, the attacks involve exploiting a critical security…

Security researchers at industrial cybersecurity firm Nozomi Networks have recently discovered three vulnerabilities in Mitsubishi Electric’s GX Works3 engineering workstation software that could be exploited to hack safety systems.  GX Works3 is…

Netwrix has released additional findings from its global 2022 Cloud Security Report for the financial and banking sectors. Financial institutions are much more concerned about users who have legitimate access to their cloud infrastructure than other…

When an attacker submits changes to an open-source repository on GitHub, downstream software projects that include the most recent version of a component may compile updates containing malicious code. According to Legit Security, a software supply chain…

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned of the continued threat posed by the Cuba ransomware variant, which has made its affiliates and developers $60m as of August.  CISA revealed in a new alert that the ransomware…

This week, NATO kicked off its Cyber Coalition 22 exercise to enhance cyber resilience among its members.  NATO brought together 1000 defenders from 26 member countries plus Finland and Sweden, Georgia, Ireland, Japan, Switzerland, and the EU, as…

Small-scale renewable energy systems have the advantage of being able to be set up into networks that, when necessary, can run independently of the primary electric grid. KAUST researchers are now creating strategies to defend these networks, known as…

As power grids become more reliant on computer-based systems, they become more vulnerable to cyberattacks. Mohammadamin Moradi, an electrical engineering doctoral student at Arizona State University (ASU), used Artificial Intelligence (AI) to analyze the…

The US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) responded to an advanced cyberattack on a Defense Industrial Base (DIB) organization's network from November 2021 to January 2022. During that time, Advanced…

According to a new report by the Commerce Department Office of Inspector General (IG), a team of government-contracted red team hackers gained unauthorized and undetected control of critical Census Bureau systems in a simulated attack test, which…