Please turn on your JavaScript for this page to function normally.
ConnectWise
ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

The recently patched vulnerabilities (CVE-2024-1709, CVE-2024-1708) in ConnectWise ScreenConnect software are being exploited by numerous attackers to deliver a variety of …

US Department of Justice
Alleged Raccoon Infostealer operator extradited, verification site set up for victims

A Ukrainian national was extradited to the United States from the Netherlands after being indicted for crimes related to fraud, money laundering, and aggravated identity …

email
Clean links and sophisticated scams mark new era in email attacks

Analysis of 7 billion emails shows clean links are duping users, malicious EML attachments increased 10-fold in Q4, and social engineering attacks are at all-time highs, …

face
iOS users beware: GoldPickaxe trojan steals your facial data

Group-IB uncovered a new iOS trojan designed to steal users’ facial recognition data, identity documents, and intercept SMS. The trojan, dubbed GoldPickaxe.iOS by Group-IB’s …

malware
Understanding the tactics of stealthy hunter-killer malware

Picus Security has revealed a rise in hunter-killer malware, highlighting a significant shift in adversaries’ capability to pinpoint and thwart advanced enterprise …

ransomware
Ransomware tactics evolve, become scrappier

As we enter 2024, ransomware remains the most significant cyberthreat facing businesses, according to Malwarebytes. Malwarebytes reveals that the United States accounted for …

botnet
As-a-Service tools empower criminals with limited tech skills

As-a-service attacks continue to dominate the threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) tools making up the majority of malicious …

breach
Chinese hackers breached Dutch Ministry of Defense

Chinese state-sponsored hackers have breached the Dutch Ministry of Defense (MOD) last year and deployed a new remote access trojan (RAT) malware to serve as a backdoor. …

botnet
FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

The FritzFrog cryptomining botnet has new potential for growth: a recently analyzed variant of the bot is exploiting the Log4Shell (CVE-2021-44228) and PwnKit (CVE-2021-4034) …

USB
Threat actor used Vimeo, Ars Technica to serve second-stage malware

A financially motivated threat actor tracked as UNC4990 is using booby-trapped USB storage devices and malicious payloads hosted on popular websites such as Ars Technica, …

White Phoenix
Free ransomware recovery tool White Phoenix now has a web version

White Phoenix is a free ransomware recovery tool for situations where files are encrypted with intermittent encryption. It was tested on BlackCat/ALPHV Ransomware, Play …

laptop
Blackwood APT delivers malware by hijacking legitimate software update requests

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage …

Don't miss

Cybersecurity news