.webp)
Security researchers have identified a sophisticated attack campaign attributed to APT37, a North Korean state-sponsored hacking group also known as ScarCruft, Reaper, and Red Eyes. […]
Infostealer Attacks Surge 84% Weekly Through Phishing Emails
The volume of infostealer malware distributed through phishing emails has…
North Korean IT Workers Use Real-Time Deepfakes to Infiltrate Organizations Through Remote Jobs
A division of Palo Alto Networks, have revealed a sophisticated…
Can Cybersecurity Weather the Current Economic Chaos?
Cybersecurity firms tend to be more software- and service-oriented than…
New Phishing Technique Hides Weaponized HTML Files Within SVG Images
Cybersecurity experts have observed an alarming increase in the use…
Detecting And Blocking DNS Tunneling Techniques Using Network Analytics
DNS tunneling is a covert technique that cybercriminals use to…
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States
Cybersecurity researchers are warning of a "widespread and ongoing" SMS phishing campaign that's been targeting toll road users in the United States for financial theft since mid-October 2024. "The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,'" Cisco Talos researchers Azim Khodjibaev, Chetan The original article found on The Hacker News Read More
Nation-State Threats Put SMBs in Their Sights
Cyberthreat groups increasingly see small and medium businesses, especially those…
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Cybersecurity researchers have flagged a new malicious campaign related to…
Akira Ransomware Launches New Cyberattacks Using Stolen Credentials and Public Tools
The Akira ransomware group has intensified its operations, targeting over…
Detecting And Blocking DNS Tunneling Techniques Using Network Analytics
DNS tunneling is a covert technique that cybercriminals use to…
New Phishing Technique Hides Weaponized HTML Files Within SVG Images
Cybersecurity experts have observed an alarming increase in the use…
High-Severity Cloud Security Alerts Tripled in 2024
Attackers aren't just spending more time targeting the cloud —…
Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks
Google has released out-of-band fixes to address a high-severity security…
SpotBugs Access Token Theft Identified as Root Cause of GitHub Supply Chain Attack
The cascading supply chain attack that initially targeted Coinbase before…
Critical Windows Remote Desktop Services Vulnerability Lets Attackers Execute Malicious Code
Microsoft has released its March security update, addressing 57 vulnerabilities…
OpenSSH 10.0 Released With Protocol Changes & Security Upgrades
OpenSSH 10.0, a significant update to the widely adopted secure…
Google Pays Out Nearly $12M in 2024 Bug Bounty Program
The program underwent a series of changes in the past year, including richer maximum rewards in a variety of bug categories. The original article found […]
CISA Adds 2 VeraCore Vulnerabilities to Known Actively Exploit Vulnerability Catalog
CISA has likely added two VeraCore vulnerabilities, CVE-2024-57968 and CVE-2025-25181, to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation by the XE Group. […]
‘SideWinder’ Intensifies Attacks on Maritime Sector
The likely India-based threat group is also targeting logistics companies in a continued expansion of its activities. The original article found on darkreading Read More
APT ‘Blind Eagle’ Targets Colombian Government
The South American-based advanced persistent threat group is using an exploit with a “high infection rate,” according to research from Check Point. The original article […]
Ex-Employee Found Guilty in Revenge Kill-Switch Scheme
Clandestine kill switch was designed to lock out other users if the developer’s account in the company’s Windows Active Directory was ever disabled. The original […]
Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials
Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on. “The polymorphic extensions create a pixel […]
GitHub-Hosted Malware Infects 1M Windows Users
Microsoft has identified a complex, malvertising-based attack chain that delivered Lumma and other infostealers to enterprise and consumer PC users; the campaign is unlikely the […]
_rcphotostock_Alamy.jpg)
When Seconds Count: How to Survive Fast-and-Furious DDoS Microbursts
In the battle against two-minute micro-attacks that can knock out critical communication services, the difference between success and failure can literally come down to seconds. […]
Why The Modern Google Workspace Needs Unified Security
The Need For Unified Security Google Workspace is where teams collaborate, share ideas, and get work done. But while it makes work easier, it also […]