Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure
North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure …
Ransomware dwell time hits new low
Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks …
Bogus OfficeNote app delivers XLoader macOS malware
A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample …
Macs are getting compromised to act as proxy exit nodes
AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that – unbeknown to the …
APTs use of lesser-known TTPs are no less of a headache
APT (advanced persistent threat) attacks were once considered to be primarily a problem for large corporations, but the number of these (often state-sponsored) attacks against …
Threat intelligence’s key role in mitigating malware threats
Malware, being one of the most prevalent and pervasive initial threat vectors, continues to adapt and become more sophisticated, according to OPSWAT. Crucial role of threat …
The ransomware rollercoaster continues as criminals advance their business models
Ransomware shows no signs of slowing, with ransomware activity ending 13 times higher than at the start of 2023 as a proportion of all malware detections, according to …
Navigating the gray zone of ransomware payment practices
Ransomware remains a lucrative tool for cybercriminals as attackers continue to target a wide array of businesses. In response to this growing threat, an increasing number of …
Cryptojacking soars as cyberattacks increase, diversify
Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall …
RaaS proliferation: 14 new ransomware groups target organizations worldwide
In the Q2 2023, GuidePoint Research and Intelligence Team (GRIT) tracked 1,177 total publicly posted ransomware victims claimed by 41 different threat groups. The most …
LLMs and AI positioned to dominate the AppSec world
As modern software trends toward distributed architectures, microservices, and extensive use of third-party and open source components, dependency management only gets harder, …
Facebook and Microsoft remain prime targets for spoofing
While trends in phishing frequently evolve, Facebook and Microsoft’s collective dominance as the most spoofed brands continues, according to Vade. Facebook and Microsoft’s …
Featured news
Sponsored
Don't miss
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)
- Risk related to non-human identities: Believe the hype, reject the FUD