31 JANUARY 2023 WEEKLY NEWSLETTER

BOCRA website

     


Microsoft Urges Customers to Secure On-Premises Exchange Servers


LATEST CYBER HACKS

Ukraine: Sandworm hackers hit news agency with 5 data wipers

The Ukrainian Computer Emergency Response Team (CERT-UA) found a cocktail of five different data-wiping malware strains deployed on the network of the country's national news agency (Ukrinform) on January 17th.


New Wave of Database Injection Attacks Compromise WordPress Sites

A massive campaign is leveraging hacked WordPress sites to redirect victims to tech support scams, adult dating, phishing, or drive-by download attacks. The hackers behind it have made their malicious payloads hard to detect by using multiple redirects and legitimate downloads.


CISA: Federal agencies hacked using legitimate remote desktop tools

CISA, the NSA, and MS-ISAC warned today in a joint advisory that attackers are increasingly using legitimate remote monitoring and management (RMM) software for malicious purposes.

More worryingly, CISA discovered malicious activity within the networks of multiple federal civilian executive branch (FCEB) agencies using the EINSTEIN intrusion detection system after the release of a Silent Push report in mid-October 202


VULNERABILITIES

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition.


Ruby on Rails apps vulnerable to data theft through Ransack search

 

Poor integration of the Ransack library into Ruby on Rails (RoR) applications could allow attackers to steal information from backend databases, security firm Positive Security has warned.

Ransack allows developers to add object-based search to their Rails applications. Its convenience and flexibility have made it both widely used and problematic, at least from a security perspective.


MALWARE

New Mimic Ransomware Abuses Windows' 'Everything' Search Tool

A new ransomware family dubbed Mimic has surfaced in the threat landscape. The ransomware abuses the APIs of the legitimate Everything search tool for the encryption process.

Aurora Infostealer Malware Deploys Shapeshifting Tactics

One of the most recent finds exposed the Aurora Stealer malware imitating popular applications to infect as many users as possible.

Cyble researchers were able to determine that, in order to target a variety of well-known applications, the threat actors are actively changing and customizing their phishing websites. Aurora targets data from web browsers and crypto wallets, among others.


Python-based PY#RATION RAT Stealthily Harvests Sensitive Information

Researchers have disclosed a new attack campaign using a Python-based RAT dubbed PY#RATION. The attackers have been leveraging the RAT since August 2022 to gain control over compromised systems.


GENERAL NEWS

3 business application security risks businesses need to prepare for in 2023

Ransomware has lately been the primary method of monetization for threat actors. Still, research has revealed a slight decrease in ransomware attacks and ransomware payments this past year, suggesting cybercriminals are evolving their strategies.

 


Eliminating SaaS Shadow IT is Now Available via a Self-Service Product, Free of Charge

The use of software as a service (SaaS) is experiencing rapid growth and shows no signs of slowing down. Its decentralized and easy-to-use nature is beneficial for increasing employee productivity, but it also poses many security and IT challenges. Keeping track of all the SaaS applications that have been granted access to an organization's data is a difficult task.