cybercrime
How cybercriminals use look-alike domains to impersonate brands
Cybercriminals create hundreds of thousands of counterfeit domains that mimic well-known brands for financial gain. These fake domains serve multiple malicious purposes, such …
Old vulnerabilities are still a big problem
A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote …
Emerging threat: AI-powered social engineering
Social engineering is a sophisticated form of manipulation but, thanks to AI advancements, malicious groups have gained access to highly sophisticated tools, suggesting that …
From unsuspecting click to data compromise
Phishing is a pervasive and ever-evolving cyber threat that has become a primary concern for individuals, organizations, and cybersecurity experts worldwide. This deceptive …
Connected cars and cybercrime: A primer
Original equipment suppliers (OEMs) and their suppliers who are weighing how to invest their budgets might be inclined to slow pedal investment in addressing cyberthreats. To …
Spam is up, QR codes emerge as a significant threat vector
85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023, according to a VIPRE report. Information …
Cybercriminals use research contests to create new attack methods
Adversary-sponsored research contests on cybercriminal forums focus on new methods of attack and evasion, according to Sophos. The contests mirror legitimate security …
Trojanized Signal, Telegram apps found on Google Play, Samsung Galaxy Store
ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the …
Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …
Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831)
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal …
How executives’ personal devices threaten business security
Today, individual people – not businesses or government entities as a whole – are the primary targets, or entry points, for all major cyberattacks, according to …
Learning from past healthcare breaches to fortify future cybersecurity strategies
In the face of rising cyber threats, the healthcare sector has become a hotbed for cyberattacks. Given the gravity of this situation, we sat down with Shenny Sheth, Deputy …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege