Prioritize patching vulnerabilities associated with ransomware
A threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in …
Stealthy APT group plunders very specific corporate email accounts
An eminently sophisticated and stealthy APT group is going after specific corporate email accounts and has, on occasion, managed to remain undetected in victim environments …
APT group has developed custom-made tools for targeting ICS/SCADA devices
Just a few days after news of attempted use of a new variant of the Industroyer malware comes a warning from the US Cybersecurity and Infrastructure Security Agency (CISA): …
Attackers employ novel methods to backdoor French organizations
An advanced threat actor has been spotted using distinctive, novel methods to backdoor French entities in the construction, real estate, and government industries. How the …
Ransomware groups and APT actors laser-focused on financial services
Trellix released a report, examining cybercriminal behavior and activity related to cyber threats in the third quarter (Q3) of 2021. Among its findings, the research reports …
Stealthy firmware bootkit leveraged by APT in targeted attacks
Kaspersky researchers have uncovered the third known case of a firmware bootkit in the wild. Dubbed MoonBounce, this malicious implant is hidden within Unified Extensible …
Cybersecurity industry trends from 2021 bound to shape this year’s threat landscape
Bugcrowd released its report to spotlight the key cybersecurity trends from 2021, including the rise in the adoption of crowdsourced security due to the global shift to hybrid …
Should businesses be concerned about APT-style attacks?
As we enter 2022, organizations are re-evaluating their cybersecurity strategies to lower risks and best defend against potential threats. Through budget, risk tolerance, …
Determined APT is exploiting ManageEngine ServiceDesk Plus vulnerability (CVE-2021-44077)
An APT group is leveraging a critical vulnerability (CVE-2021-44077) in Zoho ManageEngine ServiceDesk Plus to compromise organizations in a variety of sectors, including …
77% of rootkits are used for espionage purposes
In a new report, Positive Technologies analyzes this past decade’s most infamous families of rootkits – programs that hide the presence of malicious software or …
SolarWinds hackers are going after cloud, managed and IT service providers
Nobelium, the advanced, persistent threat (APT) actor behind the 2020 SolarWinds supply chain attack that served as a springboard for breaching a variety of high-level …
Ransomware still a primary threat as cybercriminals evolve tactics
Trend Micro announced that it blocked 40.9 billion email threats, malicious files, and malicious URLs for customers in the first half of 2021, a 47% year-on-year increase. …
Featured news
Resources
Don't miss
- Solana’s popular web3.js library backdoored in supply chain compromise
- How widespread is mercenary spyware? More than you think
- Product showcase: Securing Active Directory passwords with Specops Password Policy
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
- SafeLine: Open-source web application firewall (WAF)