Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece…
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install…
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What…
Criminal IP's Chrome extension offers real-time scanning of websites worldwide, using AI-based detection to identify recently created phishing sites. [...]
Ask Fitis, the Bear: Real Crooks Sign Their Malware
Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece…
New MOVEit Transfer zero-day mass-exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software, tracked as CVE-2023-34362, to steal data…
Hackers exploit critical Zyxel firewall flaw in ongoing attacks
Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install…
RomCom malware spread via Google Ads for ChatGPT, GIMP, more
A new campaign distributing the RomCom backdoor malware is impersonating the websites of well-known or fictional software, tricking users into…
Ransomware Takes No Prisoners
By Monica Oravcova, COO and Co-Founder of Naoris Protocol The recent Killnet cyberattack that disrupted contact between NATO and military…
The Week in Ransomware – May 26th 2023 – Cities Under Attack
Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting cities' online services. [...]
US sanctions orgs behind North Korea’s ‘illicit’ IT worker army
The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions today against four entities and one individual for their…
Interview With a Crypto Scam Investment Spammer
Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. What…
An AI-based Chrome Extension Against Phishing, Malware, and Ransomware
Criminal IP's Chrome extension offers real-time scanning of websites worldwide, using AI-based detection to identify recently created phishing sites. [...]
Apple Patches 3 Zero-Days Possibly Already Exploited
In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have…