86% of cyberattacks are delivered over encrypted channels
Threats over HTTPS grew by 24% from 2022, underscoring the sophisticated nature of cybercriminal tactics that target encrypted channels, according to Zscaler. For the second …
8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability (CVE-2020-14883) to distribute malware, the Imperva Threat Research team has found. About 8220 …
Qakbot returns in fresh assault on hospitality sector
The Qakbot botnet has been disrupted this summer, but cybercriminals are not ready to give up on the malware: Microsoft’s threat analysts have spotted a new phishing …
Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware
North Korea-backed group Lazarus has been spotted exploiting the Log4Shell vulnerability (CVE-2021-44228) and novel malware written in DLang (i.e., the memory-safe D …
Recruiters, beware of cybercrooks posing as job applicants!
Recruiters are being targeted via spear-phishing emails sent by cybercrooks impersonating job applicants, Proofpoint researchers are warning. “The tone and content of …
Cybercriminals continue targeting open remote access products
Cybercriminals still prefer targeting open remote access products, or like to leverage legitimate remote access tools to hide their malicious actions, according to WatchGuard. …
Booking.com customers targeted in hotel booking scam
Scammers are hijacking hotels’ Booking.com accounts and using them as part of a hotel booking scam aimed at tricking guests into sharing their payment card information. …
SMBs face surge in “malware free” attacks
“Malware free” attacks, attackers’ increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and …
Online stores may not be as secure as you think
Credit card skimming is on the rise for the holiday shopping season, according to Malwarebytes. Online stores are not always as secure as you might think they are, and yet you …
Apache ActiveMQ bug exploited to deliver Kinsing malware
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. …
AI disinformation campaigns pose major threat to 2024 elections
AI, post-quantum cryptography, zero trust, cryptography research, and election security will shape cybersecurity strategies in the present and for 2024, according to NTT. As …
Infostealers and the high value of stolen data
The risk of personal and professional data being stolen by nefarious actors looms larger than ever, according to Trend Micro. Understanding the risks associated with data …
Featured news
Resources
Don't miss
- OpenNHP: Cryptography-driven zero trust protocol
- The API security crisis and why businesses are at risk
- Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
- Casio UK site compromised, equipped with web skimmer
- Man charged with stealing $65 million by exploting DeFI protocols vulnerabilities