The North Korea-linked threat actor known as UNC4899 has been attributed to attacks targeting two different organizations by approaching their employees via LinkedIn and Telegram. […]
Category: Cyber Security News
Singapore’s Strategic Approach to State-Linked APT Cyber Threats
Singapore’s recent disclosure of an ongoing cyberattack by the advanced persistent threat (APT) group UNC3886 on critical infrastructure highlights a deliberate strategy favoring technical attribution […]
Dark Reading Confidential: Funding the CVE Program of the Future
Dark Reading Confidential Episode 8: Federal funding for the CVE Program expires in April 2026, and a trio of experts agree the industry isn’t doing […]
Lenovo IdeaCentre and Yoga BIOS Flaws Allow Attackers to Run Arbitrary Code
Security researchers have discovered critical BIOS vulnerabilities affecting Lenovo’s IdeaCentre and Yoga All-in-One desktop computers that could allow privileged attackers to execute arbitrary code and […]
Qilin Ransomware Uses TPwSav.sys Driver to Bypass EDR Security Measures
Cybercriminals affiliated with the Qilin ransomware-as-a-service (RaaS) operation have demonstrated advanced evasion techniques by exploiting a previously undocumented vulnerable driver, TPwSav.sys, to disable Endpoint Detection […]
Palo Alto kauft CyberArk
Der israelische Identity-Management-Anbieter CyberArk wird Teil von Palo Alto Networks. ShU studio | shutterstock.com Mit der Ãœbernahme des Identity-Management-Spezialisten CyberArk für rund 25 Milliarden Dollar […]
Hackers Deploy Cobalt Strike Beacon Using GitHub and Social Media
A sophisticated cyberattack campaign disrupted the Russian IT industry and entities in several other countries, leveraging advanced evasion techniques to deploy the notorious Cobalt Strike […]
Threat Actors Use LNK Files to Deploy RedLoader Malware on Windows Systems
Sophos analysts have identified a novel infection chain employed by the financially motivated cybercriminal group GOLD BLADE, also known as RedCurl, Red Wolf, and Earth […]
The CrowdStrike Outage Was Bad, but It Could Have Been Worse
A year after the largest outage in IT history, organizations need to make an active effort to diversify their technology and software vendors and create […]
New Spear Phishing Attack Distributes VIP Keylogger Through Email Attachment
Threat actors have revived the sophisticated VIP keylogger malware, previously detailed in an earlier white paper for its use of spear-phishing and steganography to infiltrate […]