5 Practical Techniques for Effective Cyber Threat Hunting
Addressing cyber threats before they have a chance to strike...
Stay informed on current trends in the IT world.
Addressing cyber threats before they have a chance to strike...
A suspected South Asian cyber espionage threat group known as...
Bogus software update lures are being used by threat actors...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday...
A little-known cyber espionage actor known as The Mask has...
Cybersecurity researchers have shed light on a previously undocumented aspect...
THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
This past week has been packed with unsettling developments in...
A Serbian journalist had his phone first unlocked by a...
With the evolution of modern software development, CI/CD pipeline governance...
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton...
Cybersecurity researchers are calling attention to a new kind of...
The Security Service of Ukraine (SBU or SSU) has exposed...
Last week, Apache announced a vulnerability in Struts2 . The...
Germany's Federal Office of Information Security (BSI) has announced that...
Thai government officials have emerged as the target of a...
A now-removed GitHub repository that advertised a WordPress tool to...
A security flaw has been disclosed in OpenWrt's Attended Sysupgrade...
The U.S. Department of Justice (DoJ) has indicted 14 nationals...
Run by the team at orchestration, AI, and automation platform...
Iran-affiliated threat actors have been linked to a new custom...
Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT...
The U.S. Department of Justice (DoJ) on Thursday announced the...
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been...
Cybersecurity researchers are warning that thousands of servers hosting the...
SaaS services are one of the biggest drivers of OpEx...
Details have emerged about a now-patched security vulnerability in Apple's...
Malicious actors are exploiting a critical vulnerability in the Hunk...
A global law enforcement operation has failed 27 stresser services...
Apple today released patches for all of its operating systems....
A financial firm registered in Canada has emerged as the...
The Russian nation-state actor tracked as Secret Blizzard has been...
A newly devised technique leverages a Windows accessibility framework called...
Cybersecurity researchers have flagged a "critical" security vulnerability in Microsoft's...
Cybersecurity researchers have discovered a new version of the ZLoader...
Cybersecurity researchers have discovered a novel surveillance program that's suspected...
In today’s highly distributed workplace, every employee has the ability...
Microsoft closed out its Patch Tuesday updates for 2024 with...
The U.S. government on Tuesday unsealed charges against a Chinese...
Ivanti has released security updates to address multiple critical flaws...
Microsoft today released updates to plug at least 70 security...
Microsoft today released patches for 71 vulnerabilities. 16 of these...
Users of Cleo-managed file transfer software are being urged to...
Cybersecurity researchers have shed light on a sophisticated mobile phishing...
In today’s rapidly evolving threat landscape, safeguarding your organization against...
Belgian and Dutch authorities have arrested eight suspects in connection...
A suspected China-nexus cyber espionage group has been attributed to...
Cyber attackers never stop inventing new ways to compromise their...
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned...
The threat actors linked to the Black Basta ransomware have...
THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 – 8)
This week’s cyber world is like a big spy movie....
Identity security is all the rage right now, and rightfully...
Details have emerged about a now-patched security flaw in the...
I get a daily report from my honeypots for Cowrie...
In yet another software supply chain attack, it has come...
Cybercriminals know that privileged accounts are the keys to your...
Cybersecurity researchers have warned of a new scam campaign that...
In a historic decision, Romania's constitutional court has annulled the...
A Russian programmer accused of donating money to Ukraine had...
The modern business landscape is thrilling yet daunting. Rapidly evolving...
Cybersecurity researchers have disclosed multiple security flaws impacting open-source machine...
The threat actors behind the More_eggs malware have been linked...
The threat actor known as Gamaredon has been observed leveraging...
As many as 77 banking institutions, cryptocurrency exchanges, and national...
Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings...
Europol on Thursday announced the shutdown of a clearnet marketplace...
A previously undocumented threat activity cluster dubbed Earth Minotaur is...
Vulnerability Management (VM) has long been a cornerstone of organizational...
A suspected Chinese threat actor targeted a large U.S. organization...
The China-linked threat actor known as MirrorFace has been attributed...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added multiple...
The U.K. National Crime Agency (NCA) on Wednesday announced that...
The Russia-linked advanced persistent threat (APT) group known as Turla...
In January 2022, KrebsOnSecurity identified a Russian man named Mikhail...
Are you using the cloud or thinking about transitioning? Undoubtedly,...
Europol on Tuesday announced the takedown of an invite-only encrypted...
Many organizations struggle with password policies that look strong on...
Cybersecurity researchers are alerting to a software supply chain attack...
A joint advisory issued by Australia, Canada, New Zealand, and...
A critical security vulnerability has been disclosed in SailPoint's IdentityIQ...
Veeam has released security updates to address a critical flaw...
Cisco on Monday updated an advisory to warn customers of...
Phishing attacks increased nearly 40 percent in the year ending...
Cybersecurity researchers have disclosed a set of flaws impacting Palo...
The North Korea-aligned threat actor known as Kimsuky has been...
I found a sample that is a Word document with...
A newly discovered malware campaign has been found to target...
Taiwanese entities in manufacturing, healthcare, and information technology sectors have...
Artificial Intelligence (AI) is no longer a far-off dream—it’s here,...
Ever wonder what happens in the digital world every time...
Over a dozen malicious Android apps identified on the Google...
The vast majority of red team exercises that I (and...
A global law enforcement operation has led to the arrest...
There are many malicious scripts available on the Internet. Github...
A Russian cybercriminal wanted in the U.S. in connection with...
A Moscow-based company sanctioned by the U.S. earlier this year...
The lines between digital and physical realms increasingly blur. While...
Microsoft has addressed four security flaws impacting its artificial intelligence...
Cybersecurity researchers are warning about malicious email campaigns leveraging a...
I was asked how one can decode a bunch of...
A 59-year-old U.S. citizen who immigrated from the People's Republic...
Nearly two dozen security vulnerabilities have been disclosed in Advantech...
Cybersecurity researchers have discovered a software supply chain attack that...
Serverless environments, leveraging services such as AWS Lambda, offer incredible...
A popular open-source game engine called Godot Engine is being...
U.S. telecom service provider T-Mobile said it recently detected attempts...
A critical security flaw impacting the ProjectSend open-source file-sharing application...
Multi-stage cyber attacks, characterized by their complex execution chains, are...
Cybersecurity researchers have shed light on what has been described...
The threat actor known as APT-C-60 has been linked to...
An INTERPOL-led operation has led to the arrest of 1,006...
A threat actor named Matrix has been linked to a...
Two men have been arrested for allegedly stealing data from...
Two critical security flaws impacting the Spam protection, Anti-Spam, and...
When CVEs go viral, separating critical vulnerabilities from the noise...
The Russia-aligned threat actor known as RomCom has been linked...
The China-linked threat actor known as Earth Estries has been...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday...
The administrators of the Python Package Index (PyPI) repository have...
Google has introduced a new feature called Restore Credentials to...
Few months ago, I noticed that something strange was happening...
Dive into the evolution of phishing and malware evasion techniques...
We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all...
Cybersecurity researchers have uncovered a new malicious campaign that leverages...
As mentioned in diary entry "Increase In Phishing SVG Attachments",...
In diary entry "Analyzing an Encrypted Phishing PDF", I decrypted...
Wireshark release 4.4.2 fixes 2 vulnerabilities and 33 bugs.
Government agencies and non-governmental organizations in the United States have...
The North Korea-linked threat actor known as Sapphire Sleet is...
The threat actor known as Mysterious Elephant has been observed...
Google Workspace has quickly become the productivity backbone for businesses...
Threat actors with ties to Russia have been linked to...
Meta Platforms, Microsoft, and the U.S. Department of Justice (DoJ)...
Cybersecurity researchers have discovered two malicious packages uploaded to the...
Federal prosecutors in Los Angeles this week unsealed criminal charges...
The China-aligned advanced persistent threat (APT) actor known as Gelsemium...
As many as 2,000 Palo Alto Networks devices are estimated...
Privileged access management (PAM) plays a pivotal role in building...
As a relatively new security category, many security operators and...
Threat actors with ties to the Democratic People's Republic of...
New research has uncovered more than 145,000 internet-exposed Industrial Control...
Five alleged members of the infamous Scattered Spider cybercrime crew...
Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has...
Threat hunters are warning about an updated version of the...
There is an increase in SVG attachments used in phishing...
Threat actors are increasingly banking on a new technique that...
The frequency and sophistication of modern cyberattacks are surging, making...
Multiple decade-old security vulnerabilities have been disclosed in the needrestart...
A new China-linked cyber espionage group has been attributed as...
Apple has released security updates for iOS, iPadOS, macOS, visionOS,...
Oracle is warning that a high-severity security flaw impacting the...
The financial technology firm Finastra is investigating the alleged large-scale...
Today, Apple released updates patching two vulnerabilities that have already...
Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to...
The malware known as Ngioweb has been used to fuel...
Privileged accounts are well-known gateways for potential security threats. However,...
Cybersecurity researchers have shed light on a Linux variant of...
U.S. telecoms giant T-Mobile has confirmed that it was also...
Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter...
Hello from Singapore where I'm with Johannes and Yee! This week, I'm teaching FOR710....
According to research from GitGuardian and CyberArk, 79% of IT...
Cybersecurity researchers have shed light on a new stealthy malware...
According to research from GitGuardian and CyberArk, 79% of IT...
What do hijacked websites, fake job offers, and sneaky ransomware...
IT leaders know the drill—regulators and cyber insurers demand regular...
A new phishing campaign is targeting e-commerce shoppers in Europe...
Last week, Watchtowr Labs released details describing a new and...
Legal documents released as part of an ongoing legal tussle...
A critical authentication bypass vulnerability has been disclosed in the...
There are so many vulnerabilities in commonly used routers that...
Palo Alto Networks has released new indicators of compromise (IoCs)...
A threat actor known as BrazenBamboo has exploited an unresolved...
Cybersecurity researchers have shed light on a new remote access...
In the fast-paced digital world, trust is everything—but what happens...
Cybersecurity researchers have disclosed two security flaws in Google's Vertex...
In recent years, artificial intelligence (AI) has begun revolutionizing Identity...
A Vietnamese-speaking threat actor has been linked to an information-stealing...
Cybersecurity researchers have disclosed a high-severity security flaw in the...
Ilya Lichtenstein, who pleaded guilty to the 2016 hack of...
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday...
Multiple threat actors have been found taking advantage of an...
Google has revealed that bad actors are leveraging techniques like...
Ransomware isn’t just a buzzword; it’s one of the most...
Advertising on TikTok is the obvious choice for any company...
Threat actors have been found leveraging a new technique that...
A newly patched security flaw impacting Windows NT LAN Manager...
A threat actor affiliated with Hamas has expanded its malicious...
Romanian cybersecurity company Bitdefender has released a free decryptor to...
The rise of SaaS and cloud-based work environments has fundamentally...
A security analysis of the OvrC cloud platform has uncovered...
The Iranian threat actor known as TA455 has been observed...
Microsoft on Tuesday revealed that two security flaws impacting Windows...
Microsoft today released updates to plug at least 89 security...
This month, Microsoft is addressing a total of 83 vulnerabilities....
Cybersecurity researchers are calling attention to a new sophisticated tool...
Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual...
Threat actors with ties to the Democratic People's Republic of...
Behavioral analytics, long associated with threat detection (i.e. UEBA or...
Cybersecurity researchers have flagged a new ransomware family called Ymir...
In an unusually specific campaign, users searching about the legality...
Imagine this: the very tools you trust to protect...
Cyber threats are intensifying, and cybersecurity has become critical to...
Hewlett Packard Enterprise (HPE) has released security updates to address...
Cybersecurity researchers have uncovered nearly two dozen security flaws spanning...
Cybersecurity researchers have discovered a new phishing campaign that spreads...
In yesterday's diary entry "zipdump & Evasive ZIP Concatenation" I...
The Federal Bureau of Investigation (FBI) is urging police departments...
Palo Alto Networks on Friday issued an informational advisory urging...
On Friday's Stormcast, Johannes talks about Evasive ZIP Concatenation, a...
The 36-year-old founder of the Bitcoin Fog cryptocurrency mixer has...
The threat actors behind the AndroxGh0st malware are now exploiting...
A new campaign has targeted the npm package repository with...
High-profile entities in India have become the target of malicious...
We’ve all heard a million times: growing demand for robust...
Let’s face it—traditional security training can feel as thrilling as...
Cybersecurity researchers have flagged a new malware campaign that infects...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday...
Defending your organization’s security is like fortifying a castle—you need...
A threat actor with ties to the Democratic People's Republic...
An ongoing phishing campaign is employing copyright infringement-related themes to...
Tactics, techniques, and procedures (TTPs) form the foundation of modern...
I found an interesting script targeting Steam users. Steam is a...
Cisco has released security updates to address a maximum severity...
The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve...
An ongoing threat campaign dubbed VEILDrive has been observed taking...
Cybersecurity researchers are warning that a command-and-control (C&C) framework called...
Budget season is upon us, and everyone in your organization...
INTERPOL on Tuesday said it took down more than 22,000...
Meta has been fined 21.62 billion won ($15.67 million) by...
Google's cloud division has announced that it will enforce mandatory...
The U.S. Federal Bureau of Investigation (FBI) has sought assistance...
A 26-year-old man in Ontario, Canada has been arrested for...
Over 1,500 Android devices have been infected by a new...
Zero Trust security changes how organizations handle security by doing...
Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a...
While hunting, I found another interesting Python RAT in the...
Canadian law enforcement authorities have arrested an individual who is...
An ongoing campaign is targeting npm developers with hundreds of...
Google has warned that a security flaw impacting its Android...
Cybersecurity researchers have disclosed six security flaws in the Ollama...
German law enforcement authorities have announced the disruption of a...
This week was a total digital dumpster fire! Hackers were...
Google said it discovered a zero-day vulnerability in the SQLite...
As the holiday season approaches, retail businesses are gearing up...
Once in a while, I get a question about my...
Cybersecurity researchers have discovered a new version of a well-known...
In diary entry "Analyzing PDF Streams" I answer a question...
A number of cybercriminal innovations are making it easier for...
U.S. and Israeli cybersecurity agencies have published a new advisory...
With so many SaaS applications, a range of configuration options,...
Cybersecurity researchers have flagged a "massive" campaign that targets exposed...
Microsoft has revealed that a Chinese threat actor it tracks...
Microsoft is further delaying the release of its controversial Recall...
Cybersecurity researchers have disclosed a new phishing kit that has...
Did you know that advanced threat actors can infiltrate the...
Cybersecurity researchers have discovered an improved version of an Apple...
LottieFiles has revealed that its npm package "lottie-player" was compromised...
In the modern, browser-centric workplace, the corporate identity acts as...
A high-severity security flaw has been disclosed in the LiteSpeed...
After reviewing the Top 10 Not So Common SSH Usernames...
RDP is one of the most prominent entry points into...
Threat actors in North Korea have been implicated in a...
A now-patched security flaw in the Opera web browser could...
Change Healthcare says it has notified approximately 100 million Americans...
Cybersecurity researchers have discovered a new malicious Python package that...
Navigating the complexities of compliance frameworks like ISO 27001, SOC...
A little over three dozen security vulnerabilities have been disclosed...
The Dutch National Police, along with international partners, have announced...
Sherlock Holmes is famous for his incredible ability to sort...
The U.S. government (USG) has issued new guidance governing the...
More than six years after the Spectre security flaw impacting...
Today, Apple released updates for all of its operating systems....
A government entity and a religious organization in Taiwan were...
A suspected Russian hybrid espionage and influence operation has been...
Three malicious packages published to the npm registry in September...
Cybersecurity news can sometimes feel like a never-ending horror movie,...
Operational Technology (OT) security has affected marine vessel and port...
Cybersecurity researchers have warned of a spike in phishing pages...
Phishing authors have long ago discovered that adding HTML attachments...
A new attack technique could be used to bypass Microsoft's...
Ivanti products have given us a rich corpus of vulnerabilities...
Four members of the now-defunct REvil ransomware operation have been...
The infamous cryptojacking group known as TeamTNT appears to be...
The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed...
A security flaw impacting the Wi-Fi Test Suite could enable...
Apple has publicly made available its Private Cloud Compute (PCC)...
Artificial Intelligence (AI) has rapidly evolved from a futuristic concept...
The U.S. Securities and Exchange Commission (SEC) has charged four...
The Irish data protection watchdog on Thursday fined LinkedIn €310...
We do keep seeing attackers "poking around" looking for enabled...
Cybersecurity researchers have discovered an advanced version of the Qilin...
Cybersecurity researchers have disclosed a security flaw impacting Amazon Web...
Cisco on Wednesday said it has released updates to address...
Sometimes, it turns out that the answers we struggled so...
The North Korean threat actor known as Lazarus Group has...
Fortinet has confirmed details of a critical security flaw impacting...
New variants of a banking malware called Grandoreiro have been...
Identity security is front, and center given all the recent...
A high-severity flaw impacting Microsoft SharePoint has been added to...
Not long ago, the ability to digitally track someone’s daily...
It may come as a surprise to learn that 34%...
Cybersecurity researchers have shed light on a new adversarial technique...
Russian-speaking users have become the target of a new phishing...
Back in June of 2010, The Electronic Frontier Foundation (EFF)...
Details have emerged about a now-patched security flaw in Styra's...
Bad actors have been observed targeting Docker remote API servers...
Service accounts are vital in any enterprise, running automated processes...
Cybersecurity researchers have discovered a number of suspicious packages published...
Two malware families that suffered setbacks in the aftermath of...
VMware has released software updates to address an already patched...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday...
Over the last month, two hurricanes barely missed me. Luckily,...
The prolific Chinese nation-state actor known as APT41 (aka Brass...
Hi there! Here’s your quick update on the latest in...
Pentest Checklists Are More Important Than Ever Given the expanding...
Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end...
Unknown threat actors have been observed attempting to exploit a...
In the modern enterprise, data security is often discussed using...
A nascent threat actor known as Crypt Ghouls has been...
North Korean information technology (IT) workers who obtain employment under...
Brazilian authorities reportedly have arrested a 33-year-old man on suspicion...
Picture your company's data as a vast, complex jigsaw puzzle—scattered...
Cybersecurity and intelligence agencies from Australia, Canada, and the U.S....
Microsoft has disclosed details about a now-patched security flaw in...
The Russian threat actor known as RomCom has been linked...
Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service...
The U.S. government on Wednesday announced the arrest and charging...
As technology adoption has shifted to be employee-led, just in...
An advanced persistent threat (APT) actor with suspected ties to...
Federal prosecutors in the U.S. have charged two Sudanese brothers...
A critical security flaw has been disclosed in the Kubernetes...
I noticed in my logs 2 weeks ago regular probe...
Our list of "Top" ssh usernames and password is pretty...
Threat actors are attempting to abuse the open-source EDRSilencer tool...
The FIDO Alliance said it's working to make passkeys and...
The North Korean threat actor known as ScarCruft has been...
AI from the attacker’s perspective: See how cybercriminals are leveraging...
To defend your organization against cyber threats, you need a...
A new spear-phishing campaign targeting Brazil has been found delivering...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday...
GitHub has released security updates for Enterprise Server (GHES) to...
New variants of an Android banking trojan called TrickMo have...
Demo scripts left behind after installing applications or frameworks are...
North Korean threat actors have been observed using a Linux...
Cybersecurity researchers have disclosed a new malware campaign that leverages...
In recent years, the number and sophistication of zero-day vulnerabilities...
China's National Computer Virus Emergency Response Center (CVERC) has doubled...
Cybersecurity researchers have disclosed a new malware campaign that delivers...
The maintainers of the Jetpack WordPress plugin have released a...
The link between detection and response (DR) practices and cloud...
A suspected nation-state adversary has been observed weaponizing three security...
Threat actors are actively attempting to exploit a now-patched security...
I receive a lot of spam in my catch-all mailboxes....
The Iranian threat actor known as OilRig has been observed...
Wireshark release 4.4.1 fixes 2 vulnerabilities and 27 bugs. One...
The U.S. Department of Justice (DoJ) has announced arrests and...
A new tax-themed malware campaign targeting insurance and finance sectors...
Threat actors constantly change tactics to bypass cybersecurity measures, developing...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning...
GitLab has released security updates for Community Edition (CE) and...
The Dutch police have announced the takedown of Bohemia and...
OpenAI on Wednesday said it has disrupted more than 20...
Cybersecurity security researchers are warning about an unpatched vulnerability in...
The current SOC model relies on a scarce resource: human...
Cybersecurity researchers have shed light on a new digital skimmer...
Mozilla has revealed that a critical security flaw impacting Firefox...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday...
The parents of a 19-year-old Connecticut honors student accused of...
Google on Wednesday announced a new partnership with the Global...
Details have emerged about multiple security vulnerabilities in two implementations...
Threat actors with ties to North Korea have been observed...
Social media accounts help shape a brand’s identity and reputation....
A few days ago, a new stealthy malware targeting Linux...
Microsoft has released security updates to fix a total of...
Microsoft is warning of cyber attack campaigns that abuse legitimate...
Microsoft today released security updates to fix at least 117...
Microsoft today released patches for 117 vulnerabilities. Three additional vulnerabilities...
Ivanti has warned that three new security vulnerabilities impacting its...
Users searching for game cheats are being tricked into downloading...
Russian government agencies and industrial entities are the target of...
A little-known threat actor tracked as GoldenJackal has been linked...
Ukraine has claimed responsibility for a cyber attack that targeted...
Qualcomm has rolled out security updates to address nearly two...
It's always tempting to install the latest releases of your...
Organizations are losing between $94 - $186 billion annually to...
The interest in passwordless authentication has increased due to the...
Cybersecurity researchers have discovered a new botnet malware family called...
Ever heard of a "pig butchering" scam? Or a DDoS...
A critical security flaw has been disclosed in the Apache...
Europe's top court has ruled that Meta Platforms must restrict...
Apple has released iOS and iPadOS updates to address two...
It is about a week since the release of the...
Microsoft and the U.S. Department of Justice (DoJ) on Thursday...
Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service...
Continuous Threat Exposure Management (CTEM) is a strategic framework that...
Google has revealed the various security guardrails that have been...
For years, securing a company’s systems was synonymous with securing...
Linux servers are the target of an ongoing campaign that...
Threat actors with ties to North Korea have been observed...
Organizations that get relieved of credentials to their cloud environments...
INTERPOL has announced the arrest of eight individuals in Côte...
A new wave of international law enforcement actions has led...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday...
Over the last 9 months or so, I've been putting...
A large-scale fraud campaign leveraged fake trading apps published on...
A previously undocumented threat actor called CeranaKeeper has been linked...
A spear-phishing email campaign has been observed targeting recruiters with...
A little over a dozen new security vulnerabilities have been...
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce...
Dynamic malware analysis is a key part of any threat...
Three different organizations in the U.S. were targeted in August...
A new set of malicious packages has been unearthed in...
Cybersecurity researchers are warning about active exploitation attempts targeting a...
The threat actors behind the Rhadamanthys information stealer have added...
For a few years now, October has been "National Cyber...
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI...
More than 140,000 phishing websites have been found linked to...
Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the...
The U.S. Department of Justice (DoJ) has charged a 39-year-old...
A California man accused of failing to pay taxes on...
One of the problems I've had since I originally wrote...
Hold onto your hats, folks, because the cybersecurity world is...
Attackers are increasingly turning to session hijacking to get around...
Critical security vulnerabilities have been disclosed in six different Automatic...
Imagine a sophisticated cyberattack cripples your organization’s most critical productivity...
The Irish Data Protection Commission (DPC) has fined Meta €91...
Cybersecurity researchers have discovered a malicious Android app on the...
U.S. federal prosecutors on Friday unsealed criminal charges against three...
Progress Software has released another round of updates to address...
A new set of security vulnerabilities has been disclosed in...
As security technology and threat awareness among organizations improves so...
The threat actor known as Storm-0501 has targeted government, manufacturing,...
Russian-speaking users have been targeted as part of a new...
In today's fast-evolving digital landscape, cybersecurity has become a cornerstone...
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and...
A critical security flaw has been disclosed in the NVIDIA...
These last two days, a lot has been talked about...
Cybersecurity researchers have disclosed a set of now patched vulnerabilities...
The United States today unveiled sanctions and indictments against the...
Threat actors with ties to North Korea have been observed...
Imagine trying to find a needle in a haystack, but...
As many as 25 websites linked to the Kurdish minority...
Many businesses rely on the Common Vulnerability Scoring System (CVSS)...
An advanced threat actor with an India nexus has been...
Nation-state threat actors backed by Beijing broke into a "handful"...
Google has revealed that its transition to memory-safe languages such...
Occasionally, I tend to check in on what reflective DNS...
The FBI is warning timeshare owners to be wary of...
Cybersecurity researchers have flagged the discovery of a new post-exploitation...
Vienna-based privacy non-profit noyb (short for None Of Your Business)...
Phishing attacks are becoming more advanced and harder to detect,...
Security Orchestration, Automation, and Response (SOAR) was introduced with the...
A now-patched security vulnerability in OpenAI's ChatGPT app for macOS...
Transportation and logistics companies in North America are the target...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday...
Altered versions of legitimate Android apps associated with Spotify, WhatsApp,...
Late in July, a researcher using the alias "NETSECFISH" published...
The U.S. Department of Commerce (DoC) said it's proposing a...
SaaS applications contain a wealth of sensitive data and are...
Ransomware is no longer just a threat; it's an entire...
Cybersecurity researchers have discovered a new version of an Android...
In a major policy reversal, the popular messaging app Telegram...
Password resets can be frustrating for end users. Nobody likes...
Hold on tight, folks, because last week's cybersecurity landscape was...
Popular social messaging platform Discord has announced that it's rolling...
A critical security flaw has been disclosed in the Microchip...
A suspected advanced persistent threat (APT) originating from China targeted...
Threat actors with ties to North Korea have been observed...
A hacktivist group known as Twelve has been observed using...
The U.K. Information Commissioner's Office (ICO) has confirmed that professional...
Law enforcement authorities have announced the takedown of an international...
In IT environments, some secrets are managed well and some...
An Iranian advanced persistent threat (APT) threat actor likely affiliated...
Google on Thursday unveiled a Password Manager PIN to let...
Ivanti has revealed that a critical security flaw impacting Cloud...
Our reader "RoseSecurity" forwarded received the following malicious email:
Many GitHub users this week received a novel phishing email...
Until just a couple of years ago, only a handful...
Threat actors have been observed targeting the construction sector by...
The cryptojacking operation known as TeamTNT has likely resurfaced as...
A previously undocumented malware called SambaSpy is exclusively targeting users...
Cybersecurity in healthcare has never been more urgent. As the...
Microsoft has revealed that a financially motivated threat actor has...
GitLab has released patches to address a critical flaw impacting...
Since posting a diary about Vega-Lite , I have "played"...
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army...
A Chinese national has been indicted in the U.S. on...
Scammers are flooding Facebook with groups that purport to offer...
A North Korea-linked cyber-espionage group has been observed leveraging job-themed...
Google has announced that it's rolling out a new set...
A few months ago, I wrote a diary about a...
The GSM Association, the governing body that oversees the development...
Broadcom on Tuesday released updates to address a critical security...
Google has announced that it will be switching from KYBER...
The U.S. Department of Treasury has imposed fresh sanctions against...
Since launching ChatGPT in 2022, OpenAI has defied expectations with...
Last week, I posted a diary about suspicious Python modules....
Cryptocurrency exchange Binance is warning of an "ongoing" global threat...
SolarWinds has released fixes to address two security flaws in...
Cybersecurity researchers are continuing to warn about North Korean threat...
A now-patched critical security flaw impacting Google Cloud Platform (GCP)...
The PCI DSS landscape is evolving rapidly. With the Q1...
Imagine this... You arrive at work to a chaotic scene....
Apple has filed a motion to "voluntarily" dismiss its lawsuit...
There is a common technique used by attackers: They append...
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse...
YARA 4.5.2 was released with 3 small changes and 4...
Ivanti has revealed that a newly patched security flaw in...
Details have emerged about a now-patched security flaw impacting Apple's...
In an earlier diary , I reviewed how using tools...
British authorities on Thursday announced the arrest of a 17-year-old...
Cybersecurity researchers have uncovered a new variant of an Android...
A cyberattack that shut down two of the top casinos...
Cybersecurity researchers have uncovered a new malware campaign targeting Linux...
Bank customers in the Central Asia region have been targeted...
GitLab on Wednesday released security updates to address 17 security...
Nearly 1.3 million Android-based TV boxes running outdated versions of...
Internet-exposed Selenium Grid instances are being targeted by bad actors...
Iraqi government networks have emerged as the target of an...
Cato CTRL (Cyber Threats Research Lab) has released its Q2...
WordPress.org has announced a new account security measure that will...
The operators of the mysterious Quad7 botnet are actively evolving...
A "simplified Chinese-speaking actor" has been linked to a new...
The Singapore Police Force (SPF) has announced the arrest of...
Cybersecurity researchers have uncovered a new set of malicious Python...
Imagine a world where you never have to remember another...
Microsoft on Tuesday disclosed that three new security flaws impacting...
Since I’m interested in malicious Python scripts, I found multiple...
Microsoft Corp. today released updates to fix at least 79...
Today, Microsoft released its scheduled September set of patches. This...
The threat actor known as CosmicBeetle has debuted a new...
A trio of threat activity clusters linked to China has...
A new side-channel attack dubbed PIXHELL could be abused to...
Shadow apps, a segment of Shadow IT, are SaaS applications...
The threat actor tracked as Mustang Panda has refined its...
A novel side-channel attack has been found to leverage radio...
The Colombian insurance sector is the target of a threat...
The proliferation of cybersecurity tools has created an illusion of...
GenAI has become a table stakes tool for employees, due...
Designed to be more than a one-time assessment— Wing Security’s...
Progress Software has released security updates for a maximum-severity flaw...
Android device users in South Korea have emerged as a...
A previously undocumented threat actor with likely ties to Chinese-speaking...
The U.S. government and a coalition of international partners have...
Here are more details on the power consumption of my...
PythonScript is a Notepad++ plugin that provides a Python interpreter...
Two men have been indicted in the U.S. for their...
Threat actors affiliated with North Korea have been observed leveraging...
SonicWall has revealed that a recently patched critical security flaw...
Threat actors have long leveraged typosquatting as a means to...
A recently disclosed security flaw in OSGeo GeoServer GeoTools has...
The 2024 State of the vCISO Report continues Cynomi’s tradition...
Cybersecurity researchers have discovered yet another critical security flaw in...
A new security flaw has been addressed in the Apache...
Telegram CEO Pavel Durov has broken his silence nearly two...
I like to enrich my honeypot data from a variety...
Veeam has shipped security updates to address a total of...
Unnamed government entities in the Middle East and Malaysia are...
The U.S. Department of Justice (DoJ) on Wednesday announced the...
It’s been a decade since the National Institute of Standards...
Threat actors are likely employing a tool designated for red...
The Chinese-speaking threat actor known as Earth Lusca has been...
Cisco has released security updates for two critical security flaws...
North Korean threat actors have leveraged a fake Windows video...
On August 10th, the popular learning platform "Moodle" released an...
Google has released its monthly security updates for the Android...
Zyxel has released software updates to address a critical security...
A new supply chain attack technique targeting the Python Package...
Account takeover attacks have emerged as one of the most...
The Dutch Data Protection Authority (Dutch DPA) has imposed a...
A new malware campaign is spoofing Palo Alto Networks' GlobalProtect...
An old but persistent email scam known as “sextortion” has...
Cybersecurity researchers have unpacked the inner workings of a new...
A hacktivist group known as Head Mare has been linked...
Mobile users in Brazil are the target of a new...
Eight vulnerabilities have been uncovered in Microsoft applications for macOS...
In the digital realm, secrets (API keys, private keys, username...
A 57-year-old man from the U.S. state of Missouri has...
Just like "Protected OOXML Spreadsheets", Word documents can also be...
Three men in the United Kingdom have pleaded guilty to...
Threat actors linked to the RansomHub ransomware group encrypted and...
The world of cybersecurity is in a constant state of...
The FBI and CISA Issue Joint Advisory on New Threats...
Roblox developers are the target of a persistent campaign that...
Display filters are used to define expressions that decide which...
A recently patched security flaw in Google Chrome and other...
This is the first 4.4 release. Many new features have...
Cybersecurity researchers have uncovered a novel malware campaign that leverages...
Cybersecurity researchers have unearthed new network infrastructure set up by...
The most dangerous vulnerability you’ve never heard of. In the...
A comprehensive guide authored by Dean Parsons emphasizes the growing...
Threat actors with ties to North Korea have been observed...
It can be helpful to simulate different kinds of system...
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged...
A non-profit supporting Vietnamese human rights has been the target...
Attackers are increasingly using new phishing toolkits (open-source, commercial, and...
U.S. cybersecurity and intelligence agencies have called out an Iranian...
French prosecutors on Wednesday formally charged CEO Pavel Durov with...
Multiple media reports this week warned Americans to be on...
Fortra has addressed a critical security flaw impacting FileCatalyst Workflow...
A South Korea-aligned cyber espionage has been linked to the...
The threat actors behind the BlackByte ransomware group have been...
Cybersecurity researchers are calling attention to a new QR code...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday...
A critical security flaw has been disclosed in the WPML...
I have been curious for a while looking at Kibana's...
Users of Chinese instant messaging apps like DingTalk and WeChat...
The China-nexus cyber espionage group tracked as Volt Typhoon has...
Malicious hackers are exploiting a zero-day vulnerability in Versa Director,...
Want to know what’s the latest and greatest in SecOps...
It has been a while since I started to track...
Google has revealed that a security flaw that was patched...
Details have emerged about a now-patched vulnerability in Microsoft 365...
SonicWall has released security updates to address a critical flaw...
The Dutch Data Protection Authority (DPA) has fined Uber a...
Nowadays, sensitive and critical data is traveling in everyday business...
Cybersecurity researchers are warning about the security risks in the...
If you follow my diaries, you probably already know that...
Two security vulnerabilities have been disclosed in the open-source Traccar...
Cybersecurity researchers have uncovered new Android malware that can relay...
Cybersecurity researchers have uncovered a new stealthy piece of Linux...
Pavel Durov, founder and chief executive of the popular messaging...
Meta Platforms on Friday became the latest company after Microsoft,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed...
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as...
While trying to process some of my honeypot data, I...
The proliferation of new top-level domains (TLDs) has exacerbated a...
Read the full article for key points from Intruder’s VP...
The threat actors behind a recently observed Qilin ransomware attack...
Cybersecurity researchers have uncovered a new information stealer that's designed...
A 33-year-old Latvian national living in Moscow, Russia, has been...
For a whille now, I have seen scans that contain...
SolarWinds has issued patches to address a new security flaw...
Cybersecurity researchers have uncovered a hardware backdoor within a particular...
Details have emerged about a China-nexus threat group's exploitation of...
As many as 15,000 applications using Amazon Web Services' (AWS)...
What is Continuous Attack Surface Penetration Testing or CASPT? Continuous...
Cybersecurity researchers have disclosed a critical security flaw in the...
Google has rolled out security fixes to address a high-severity...
A new remote access trojan called MoonPeak has been discovered...
Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's...
It's no great revelation to say that SaaS applications have...
In what's a case of an operational security (OPSEC) lapse,...
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned...
A maximum-severity security flaw has been disclosed in the WordPress...
Mobile users in the Czech Republic are the target of...
As cloud infrastructure becomes the backbone of modern enterprises, ensuring...
I recorded a quick live stream with a quick update...
In today's rapidly evolving cyber threat landscape, organizations face increasingly...
A previously undocumented backdoor named Msupedge has been put to...
Cybersecurity researchers are warning about the discovery of thousands of...
Cybersecurity researchers have shed light on a threat actor known...
New details are emerging about a breach at National Public...
Cybersecurity researchers have uncovered a surge in malware infections stemming...
A new type of malware called UULoader is being used...
A newly patched security flaw in Microsoft Windows was exploited...
I found a tiny .bat file that looked not suspicious...
OpenAI on Friday said it banned a set of accounts...
A large-scale extortion campaign has compromised various organizations by taking...
Let’s discuss IT strategy, services, and business solutions & compliance concerns.
Follow us
Copyright © 2024 Lexifo. All rights reserved