Between March and June 2022, three different but related campaigns were discovered delivering ModernLoader, RedLine Stealer, and cryptocurrency miners onto compromised systems. According to Cisco Talos researcher Vanja Svajcer, the actors use PowerShell…

Documents appear to show that the Israeli spyware firm Intellexa sold a full suite of services centered on a zero-day vulnerability impacting both the Android and iOS ecosystems. An unknown customer appears to have paid around €8 million last month for a…

The FBI has issued a warning to investors that cybercriminals are increasingly exploiting security flaws in Decentralized Finance (DeFi) platforms to steal cryptocurrency. Investors who believe cybercriminals have stolen their DeFi investments should…

According to new research, the Iranian hacker group MuddyWater, which is allegedly linked to the country's state intelligence service, is still exploiting the Log4j vulnerability to gain access to corporate networks in Israel during the two countries'…

Microsoft and NEC have recently expressed concerns about the security and possible rapid adoption of critical 5G technologies. German security researchers have also now backed up the industry's fears. Karsten Nohl, the founder of Berlin-based Security…

An encryption tool developed in collaboration with a University of Cincinnati (UC) math professor will soon protect telecommunications, online retail and banking, and other digital systems. The National Institute of Standards and Technology (NIST) has…

The anti-cheat system of Genshin Impact, a popular free-to-play online game, is being used by a ransomware gang to hack victims and launch ransomware. According to Trend Micro, anti-cheat systems, which are installed by default as part of many online…

The US Department of Treasury and Israel's Ministry of Finance have finalized the terms of a new bilateral agreement that aims to strengthen cyber resilience in both countries' networks and extends an existing tech-centric bilateral agreement. This…

Customers of Okta, an Identity and Access Management (IAM) company, log in using One-Time Passwords (OTPs) sent via SMS. Okta's clients can use temporary codes sent via SMS via Twilio as one of several methods of service authentication. The threat actor…

Ethereum is offering a reward of up to $1 million to anyone who discovers merge-related critical vulnerabilities on its blockchain. The reward will be increased fourfold. A "merge" is an upgrade to a network. The process, which is expected to be…

Galois, a firm specializing in the research and development of new technologies, has recently open-sourced a suite of tools for identifying vulnerabilities in C and C++ code.  Dubbed MATE, the tools are the result of a collaborative effort supported…

The Association for Uncrewed Vehicle Systems International (AUVSI) and Fortress Information Security (Fortress) have launched an industry-wide collaboration to create an enterprise cybersecurity model and a set of voluntary standards to address cyber…