Now Patched VMware Zero-Day Bug Exploited In Wild

Progress Software Hit With Class Action Suit Over MOVEit Hack

Oreo Cookie Maker Says Crooks Gobbled Up Staff Info

Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets included a government finance department and a corporation that markets products in the Americas as

Over 100,000 ChatGPT Accounts Found For Sale On Dark Web

Data Leak At Law Firm Sets Australia's Elites Scrambling

Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

Individuals in the Pakistan region have been targeted using two rogue Android apps available on the Google Play Store as part of a new targeted campaign. Cybersecurity firm Cyfirma attributed the campaign with moderate confidence to a threat actor known as DoNot Team, which is also tracked as APT-C-35 and Viceroy Tiger. The espionage activity involves duping Android smartphone owners into

Abandoned S3 Bucket Used To Launch Malicious Payloads

Progress Software Rushes To Patch Another MOVEit SQL Vulnerability

Hacker Gang Clop Publishes Victim Names On Dark Web

Barracuda Zero Day Attacks Attributed To Chinese Cyberespionage Group

Hackers Can Steal Cryptographic Keys By Video Recording Power LEDs 60 Feet Away

Fortinet Warns Customers Of Possible Zero Day Exploited In Limited Attacks

Chinese Spies Caught Exploiting VMware ESXi Zero Day

MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs

Online Muggers Make Serious Moves On Unpatched Microsoft Bugs

New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies

Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER is a heavily obfuscated, previously undisclosed, x64 backdoor that brings PE loading and injection, file upload and download, file and directory manipulation, and token impersonation capabilities," Elastic Security Labs said in a Friday report. The

Ransomware Gang Clop Prepped Zero Day MOVEit Attacks In 2021

Hacker Attempts To Exploit Old And New Bugs Up 55%

Dozens Of Popular Minecraft Mods Found Infected With Fracturiser Malware

People Are Pirating GPT-4 By Scraping Exposed API Keys

Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks

The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in North Korean affairs with the goal of stealing Google credentials and delivering reconnaissance malware. "Further, Kimsuky's objective extends to the theft of subscription credentials from NK News," cybersecurity firm SentinelOne said in a report shared with The

BBC, BA, And Boots Issued With Ultimatum By Cyber Gang Clop

MoveIt Hack: What Actions Can Data Breach Victims Take?

Crypto Catastrophe Stikes Some Atomic Wallet Users, Over $35 Million Thought Stolen

Ransomware Attacks Have Room To Grow, Verizon Report Shows

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

A Chinese-speaking phishing gang dubbed PostalFurious has been linked to a new SMS campaign that's targeting users in the U.A.E. by masquerading as postal services and toll operators, per Group-IB. The fraudulent scheme entails sending users bogus text messages asking them to pay a vehicle trip fee to avoid additional fines. The messages also contain a shortened URL to conceal the actual

Qbot Malware Adapts To Live Another Day... And Another...

British Airways, Boots, And BBC Staff Details Targeted In Russia-Linked Cyber Attack

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

An unknown cybercrime threat actor has been observed targeting Spanish- and Portuguese-speaking victims to compromise online banking accounts in Mexico, Peru, and Portugal. "This threat actor employs tactics such as LOLBaS (living-off-the-land binaries and scripts), along with CMD-based scripts to carry out its malicious activities," the BlackBerry Research and Intelligence Team said in a report

BlackCat Updates Tradecraft With Stealth And Speed

Clickless iOS Exploits Infect Kaspersky iPhones With Never-Before-Seen Malware

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines." What the malware lacks in

North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to strike think tanks, academia, and news media sectors. The "sustained information gathering efforts" have been attributed to a state-sponsored cluster dubbed Kimsuky, which is also known by the names APT43, ARCHIPELAGO, Black Banshee, Emerald Sleet (

Researchers Tell Owners To Assume Compromise Of Unpatched Zyxel Firewalls

N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT

Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor known as ScarCruft. "RokRAT is a sophisticated remote access trojan (RAT) that has been observed as a critical component within the attack chain, enabling the threat actors to gain unauthorized access, exfiltrate sensitive information, and potentially

Organizations Warned Of Backdoor In Hundreds Of Gigabyte Motherboards

Critical Barracuda 0-Day Was Used To Backdoor Networks For 8 Months

Software Liability And Hard Truths Of Manufacturer Responsibility

Hacker Wins $105k For Reporting Flaws In Sonos One Speakers

ABB Confirms Data Stolen In Black Basta Ransomware Attack

OneMain Pays $4.5M After Ignored Security Flaws Caused Data Breaches

Is Cybersecurity An Unsolvable Problem?

Dutch Watchdog Looking Into Alleged Tesla Data Breach

Reflections On Ten Years Past The Snowden Revelations

Legion Malware Expands Scope To Target AWS CloudWatch Monitoring Tool

Chinese Hackers That Triggered US Alarm Hit Defense Targets

Why Are 1.8M Apria Patients Just Now Being Notified Of A 2021 Breach?

UN Official And Others In Armenia Hacked By NSO Group Spyware

Alert: Brazilian Hackers Targeting Users of Over 30 Portuguese Banks

A Brazilian threat actor is targeting more than 30 Portuguese financial institutions with information-stealing malware as part of a long-running campaign that commenced in 2021. "The attackers can steal credentials and exfiltrate users' data and personal information, which can be leveraged for malicious activities beyond financial gain," SentinelOne researchers Aleksandar Milenkoski and Tom

China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected

A stealthy China-based group managed to establish a persistent foothold into critical infrastructure organizations in the U.S. and Guam without being detected, Microsoft and the "Five Eyes" nations said on Wednesday. The tech giant's threat intelligence team is tracking the activity, which includes post-compromise credential access and network system discovery, under the name Volt Typhoon. The

Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware

The Iranian threat actor known as Agrius is leveraging a new ransomware strain called Moneybird in its attacks targeting Israeli organizations. Agrius, also known as Pink Sandstorm (formerly Americium), has a track record of staging destructive data-wiping attacks aimed at Israel under the guise of ransomware infections. Microsoft has attributed the threat actor to Iran's Ministry of

Infecting SSH Public Keys With Backdoors

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

The North Korean advanced persistent threat (APT) group known as Kimsuky has been observed using a piece of custom malware called RandomQuery as part of a reconnaissance and information exfiltration operation. "Lately, Kimsuky has been consistently distributing custom malware as part of reconnaissance campaigns to enable subsequent attacks," SentinelOne researchers Aleksandar Milenkoski and Tom

The Undergound History Of Russia's Most Ingenious Hacker Group

Threat Actor Bypasses Detection, Protections In Microsoft Azure Serial Console

Oil And Gas Sectors Lag Behind Other Industries In Gathering Intel

Malware Turns Home Routers Into Proxies For Chinese Hackers

Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks

The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on the East Asian island country. "From malicious emails and URLs to malware, the strain between China's claim of Taiwan as part of its territory and Taiwan's maintained independence has evolved into a worrying surge in attacks," the Trellix Advanced Research Center said 

U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator

A Russian national has been charged and indicted by the U.S. Department of Justice (DoJ) for launching ransomware attacks against "thousands of victims" in the country and across the world. Mikhail Pavlovich Matveev (aka Wazawaka, m1x, Boriselcin, and Uhodiransomwar), the 30-year-old individual in question, is alleged to be a "central figure" in the development and deployment of LockBit, Babuk,