U.S. Healthcare Orgs Targeted with Maui Ransomware
State-sponsored actors are deploying the unique malware--which targets specific files and leaves no ransomware note--in ongoing attacks. [...]
State-sponsored actors are deploying the unique malware--which targets specific files and leaves no ransomware note--in ongoing attacks. [...]
A developer appears to have divulged credentials to a police database on a popular developer forum, leading to a breach and subsequent bid to sell 23 terabytes of personal data on the dark web. [...]
The heap buffer overflow issue in the browser’s WebRTC engine could allow attackers to execute arbitrary code. [...]
Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor. [...]
Cyber collective Killnet claims it won’t let up until the Baltic country opens trade routes to and from the Russian exclave of Kaliningrad. [...]
The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs. [...]
The APT is pairing a known Microsoft flaw with a malicious document to load malware that nabs credentials from Chrome, Firefox and Edge browsers. [...]
Culture of ‘insecure-by-design’ security is cited in discovery of bug-riddled operational technology devices. [...]
Attackers are targeting a number of key vertical markets in the U.S. with the active campaign, which impersonates the organization and Microsoft to lift Office365 and Outlook log-in details. [...]
Attackers gained access to private account details through an email compromise incident that occurred in April. [...]
Symbiote, discovered in November, parasitically infects running processes so it can steal credentials, gain rootlkit functionality and install a backdoor for remote access. [...]
The dangerous malware appears to be well and truly back in action, sporting new variants and security-dodging behaviors in a wave of recent phishing campaigns. [...]
Sabre and Travelport had to report the weekly activities of former “Cardplanet” cybercriminal Aleksei Burkov for two years, info that eventually led to his arrest and prosecution. [...]
The novel cybercriminal group tapped the ever-evolving info-stealing trojan to move laterally on a network in a recent attack, researchers have found. [...]
The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. [...]
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity. [...]
The info-stealing trojan used SMS messages and lifted contact credentials to spread with unprecedented speed across Android devices globally since December 2020. [...]
Threat actors already are exploiting vulnerability, dubbed ‘Follina’ and originally identified back in April, to target organizations in Russia and Tibet, researchers said. [...]
The malvertiser’s use of PowerShell could push it beyond its basic capabilities to spread ransomware, spyware or steal data from browser sessions, researchers warn. [...]
Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks. [...]
Actors claiming to be the defunct ransomware group are targeting one of Akami’s customers with a Layer 7 attack, demanding an extortion payment in Bitcoin. [...]
2022’s DBIR also highlighted the far-reaching impact of supply-chain breaches and how organizations and their employees are the reasons why incidents occur. [...]
Microsoft Word also leveraged in the email campaign, which uses a 22-year-old Office RCE bug. [...]
More than 380,000 of the 450,000-plus servers hosting the open-source container-orchestration engine for managing cloud deployments allow some form of access. [...]
Privilege escalation flaw discovered in the Jupiter and JupiterX Core Plugin affects more than 90,000 sites. [...]