Since September 2021, an emerging threat cluster originating in North Korea has been linked to the development and use of ransomware in cyberattacks against small businesses. The group, known as H0lyGh0st after the ransomware payload of the same name, is…

The source of June's record-breaking Distributed Denial-of-Service (DDoS) attack was a new botnet called Mantis, which is now considered the most powerful botnet to date. The highest rate of the attack was 26 million requests per second, coming from 5,…

According to a report recently released by the Cloud Security Alliance (CSA), 67 percent of organizations host sensitive data or workloads in the public cloud. While 89 percent of respondents believe that Cloud Service Provider (CSP) security controls…

Researchers Yong-joon Lee of Far East University and Won-shik Na of Namseoul University, both in the Republic of Korea, have described a novel method for detecting hidden malicious code in websites. In contrast to currently employed methods, their…

Security researchers at Ponemon Institute conducted a survey and discovered that most enterprises struggle to maintain visibility and control of their endpoint devices, leading to increased security breaches and impaired ability to ward off outside…

Security researchers at Chainalysis have discovered that the use of so-called cryptocurrency “mixers,” which combine various types of assets to mask their origin, peaked at a 30-day average of nearly $52 million worth of digital currency in April,…

According to new research condcuted by Identity Theft Resource Center (ITRC), a US-based non-profit that provides identity crime advice, the number of people falling victim to data breaches has fallen back from last year’s record high.  They put…

A former Central Intelligence Agency (CIA) programmer was recently found guilty in New York federal court of the 2017 leak of the US spy agency's most valuable hacking tools to WikiLeaks two years after his initial prosecution ended in a mistrial.  …

Akamai researchers analyzed a phishing kit that leads users through a series of pages and forms intended to gather information that can later be used to steal the victims' identities, commit money laundering, open cryptocurrency accounts, make false tax…

Microsoft has disclosed a now-fixed vulnerability in Apple's macOS that would have allowed attackers to elevate device privileges and install additional malicious payloads by enabling certain types of code to circumvent the operating system's App Sandbox…

A new ransomware operation called 'Lilith' has been launched, and its first victim has already been posted on a data leak site designed to support double-extortion attacks. JAMESWT discovered Lilith, a C/C++ console-based ransomware designed for 64-bit…

Since early 2021, many campaigns have been carried out by nation-state hacking groups affiliated with China, Iran, North Korea, and Turkey that target journalists to conduct espionage and spread malware. According to Proofpoint, phishing attempts aimed…