Business-grade routers compromised in low-key attack campaign
An unknown threat actor has discreetly compromised business-grade DrayTek routers in Europe, Latin and North America, equipping them with a remote access trojan (dubbed …
Attackers increasingly using transfer.sh to host malicious code
For many years now, unsecured internet-facing Redis servers have been steadily getting co-opted by criminals to mine cryptocurrency, so the latest cryptojacking campaign …
Don’t be fooled by a pretty icon, malicious apps hide in plain sight
Apps, whether for communication, productivity or gaming, are one of the biggest threats to mobile security, according to McAfee. The end of 2022 saw the release of some …
Covert cyberattacks on the rise as attackers shift tactics for maximum impact
2022 was the second-highest year on record for global ransomware attempts, as well as an 87% increase in IoT malware and a record number of cryptojacking attacks (139.3 …
Wiper malware goes global, destructive attacks surge
The threat landscape and organizations’ attack surface are constantly transforming, and cybercriminals’ ability to design and adapt their techniques to suit this evolving …
Users looking for ChatGPT apps get malware instead
The massive popularity of OpenAI’s chatbot ChatGPT has not gone unnoticed by cyber criminals: they are exploiting the public’s eagerness to experiment with it to …
Most vulnerabilities associated with ransomware are old
Researchers identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 – marking a 19% increase year-over-year. …
Malware that can do anything and everything is on the rise
“Swiss Army knife” malware – multi-purpose malware that can perform malicious actions across the cyber-kill chain and evade detection by security controls – is on …
Novel face swaps emerge as a major threat to biometric security
Digital identities are rapidly becoming more widely used as organizations’ and governments’ digital transformation projects mature and users demand more remote accessibility …
A glut of wiper malware hits Ukrainian targets
ESET researchers have discovered yet another wiper malware used to target Ukrainian organizations. Dubbed SwiftSlicer, it is thought to be wielded by the Sandworm APT. …
What makes small and medium-sized businesses vulnerable to BEC attacks
According to the FBI’s 2021 Internet Crime Report, business email compromise (BEC) accounted for almost a third of the country’s $6.9 billion in cyber losses that year – …
A closer look at malicious packages targeting Python developers
In this Help Net Security video, Carlos Fernandez, Security Researcher at Sonatype, talks about how their AI system caught packages that attack Python developers with a unique …
Featured news
Resources
Don't miss
- OpenNHP: Cryptography-driven zero trust protocol
- The API security crisis and why businesses are at risk
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
- Casio UK site compromised, equipped with web skimmer
- Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities