FIN7 hackers launch deepfake nude “generator” sites to spread malware
The notorious APT hacking group known as FIN7 launched a network of fake AI-powered deepnude generator sites to infect visitors with…
U.S. govt agency CMS says data breach impacted 3.1 million people
The Centers for Medicare & Medicaid Services (CMS) federal agency announced earlier this month that health and personal information of…
Transport for London staff faces systems disruptions after cyberattack
Transport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due…
Transport for London discloses ongoing “cyber security incident”
Transport for London (TfL), the city's transport authority, is investigating an ongoing cyberattack that has yet to impact its services.…
Sheltering From the Cyberattack Storm – Part Two
In the first part of this series, I discussed sophisticated cyberattacks, analyzed an example, and offered advice on how to remediate…
Russian ransomware gangs account for 69% of all ransom proceeds
Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding…
The Scourge of Ransomware
Ransomware has become a growing threat in our new hybrid world. It encrypts a victim’s files, rendering them inaccessible, and…
Verizon DBIR: Basic Security Gaffes Underpin Bumper Crop of Breaches
MOVEit drove a big chunk of the increase, but human vulnerability to social engineering and failure to patch known bugs…
Ransomware Gangs Use PR Charm Offensive to Pressure Victims
Threat actors are fully embracing the spin machine: rebranding, speaking with the media, writing detailed FAQs, and more, all in…
Web Shells Gain Sophistication for Stealth, Persistence
A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information…