The Interlock ransomware intrusion set has escalated its operations across North America and Europe with sophisticated techniques. Not falling under the typical Ransomware-as-a-Service (RaaS) category, […]
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
New Rust-Based Botnet Hijacks Routers to Inject Remote Commands
A new malware named “RustoBot” has been discovered exploiting vulnerabilities…
Latest Lumma InfoStealer Variant Found Using Code Flow Obfuscation
Researchers have uncovered a sophisticated new variant of the notorious…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Phishers Exploit Google Sites and DKIM Replay to Send Signed Emails, Steal Credentials
In what has been described as an "extremely sophisticated phishing…
5 Major Concerns With Employees Using The Browser
As SaaS and cloud-native work reshape the enterprise, the web…
FBI Alerts Public to Scammers Posing as IC3 Officials in Fraud Scheme
The Federal Bureau of Investigation (FBI) has issued a warning…
Japan Sounds Alarm Over Hackers Draining Millions from Compromised Trading Accounts
Cybersecurity in Japan has hit a new low as the…
Magecart Launches New Attack Using Malicious JavaScript to Steal Credit Card Data
The notorious Magecart group has been identified by the Yarix…
China Plans Expanded Cybersecurity Cooperation with Russia
China has announced a significant step forward in its partnership…
10 Best IT Systems Management Tools – 2025
IT systems management tools are essential for organizations to monitor,…
Galaxy S24 Vulnerability Poses Risk of Unauthorized File Access
A security flaw in Samsung’s Quick Share feature for the…
Leaked Black Basta Chats Suggest Russian Officials Aided Leader’s Escape from Armenia
The recently leaked trove of internal chat logs among members…
CISA Releases Five Industrial Control Systems Advisories Covering Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released five Industrial…
Beware! Online PDF Converters Tricking Users into Installing Password-Stealing Malware
CloudSEK’s Security Research team, a sophisticated cyberattack leveraging malicious online PDF converters has been demonstrated to target individuals and organizations globally. This attack, previously hinted […]
AI-Powered Bad Bots Account for 51% of Traffic, Surpassing Human Traffic for the First Time
Automated traffic generated by bad bots has for the first time surpassed human activity, accounting for 51% of all internet traffic in 2024, according to […]
Hackers Weaponize Gamma Tool Through Cloudflare Turnstile to Steal Microsoft Credentials
Cybercriminals are exploiting an AI-powered presentation tool called Gamma to launch a multi-stage attack aimed at stealing Microsoft credentials. This attack route is designed not […]
Active Directory Recovery Can’t Be an Afterthought
Active Directory is one of the most vulnerable access points in an organization’s IT environment. Companies cannot wait for a real attack to pressure-test their […]
Google Blocked 5.1B Harmful Ads and Suspended 39.2M Advertiser Accounts in 2024
Google on Wednesday revealed that it suspended over 39.2 million advertiser accounts in 2024, with a majority of them identified and blocked by its systems […]
SquareX to Reveal Critical Data Splicing Attack at BSides SF, Exposing Major DLP Vulnerability
SquareX researchers Jeswin Mathai and Audrey Adeline will be disclosing a new class of data exfiltration techniques at BSides San Francisco 2025. Titled “Data Splicing Attacks: Breaking Enterprise DLP from the […]
Landmark Admin Suffers Major Breach, Exposing Data of 1.6M+ Users
Landmark Admin, LLC (“Landmark”), a Texas-based third-party administrator for life insurance carriers, has confirmed that a cyberattack compromised sensitive personal data belonging to more than […]
From Third-Party Vendors to U.S. Tariffs: The New Cyber Risks Facing Supply Chains
Introduction Cyber threats targeting supply chains have become a growing concern for businesses across industries. As companies continue to expand their reliance on third-party vendors, […]
Gamma AI Platform Abused in Phishing Chain to Spoof Microsoft SharePoint Logins
Threat actors are leveraging an artificial intelligence (AI) powered presentation platform named Gamma in phishing attacks to direct unsuspecting users to spoofed Microsoft login pages. […]