Malware now using NVIDIA’s stolen code signing certificates
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to…
Conti Ransomware Group Diaries, Part III: Weaponry
Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt…
Palo Alto Networks Introduces PAN-OS 10.2 Nebula
Software collects, analyzes, and interprets potential zero-day threats in real time using inline deep learning.
Microsoft Exchange servers hacked to deploy Cuba ransomware
The Cuba ransomware operation is exploiting Microsoft Exchange vulnerabilities to gain initial access to corporate networks and encrypt devices. [...]
Entropy ransomware linked to Evil Corp’s Dridex malware
Analysis of the recently-emerged Entropy ransomware reveals code-level similarities with the general purpose Dridex malware that started as a banking…
Vulnerable Microsoft SQL Servers targeted with Cobalt Strike
Threat analysts have observed a new wave of attacks installing Cobalt Strike beacons on vulnerable Microsoft SQL Servers, leading to…
Red Cross Hack Linked to Iranian Influence Operation?
A network intrusion at the International Committee for the Red Cross (ICRC) in January led to the theft of personal…
Threat Actors Revive 20-Year-Old Tactic in Microsoft 365 Phishing Attacks
Recent attacks involving so-called "right-to-left override" spoofing aimed at Microsoft 365 users show how attackers sometimes modify and improve old…
FIN7 group continues to target US companies with BadUSB devices
The Federal Bureau of Investigation (FBI) warns US companies that the FIN7 cybercriminals group is targeting the US […] The…
FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB
An FBI warning says the FIN7 cybercrime group has sent packages containing malicious USB drives to US companies in an…