Specialization among threat groups poses challenges for defenders, who now must distinguish between different actors responsible for different facets of an attack. ​The original article […]
Dynamic DNS Emerges as Go-to Cyberattack Facilitator
Scattered Spider and other phishers and hacking groups are using rentable subdomains from dynamic DNS providers to obfuscate their activity and impersonate well-known brands. ​The […]
Australian Human Rights Commission Leaks Docs in Data Breach
An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks. ​The original article found on darkreading […]
Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package os-info-checker-es6. First published on March […]
Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack
A serious security flaw affecting the Eventin plugin, a popular event management solution for WordPress, was recently discovered by Denver Jackson, a member of the […]
Chinese Agent Impersonate as Stanford Student For Intelligence Gathering
Chinese intelligence operative posing as a Stanford University student has been uncovered following an investigation into suspicious approaches made to students conducting China-related research. The […]
Printer Company Distributes Malicious Drivers Infected with XRed Malware
Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code, including the notorious XRed backdoor malware. The issue came to […]
New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads
A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack. Cybersecurity researchers have uncovered a multi-stage […]
‘Would rather pay bounty than ransom’: Coinbase on $20M extortion attempt
Coinbase (Nasdaq:COIN), the largest crypto exchange in the US, is offering a $20 million bounty for information leading to those behind a May 2025 breach […]
_Dzmitry_Skazau_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
How to Develop and Communicate Metrics for CSIRPs
A well-documented cybersecurity incident response program (CSIRP) provides the transparency needed for informed decision-making, protecting the organization in a constantly changing threat environment. ​The original […]