New Voldemort malware abuses Google Sheets to store stolen data
A campaign that started on August 5, 2024, is spreading a previously undocumented malware named "Voldemort" to organizations worldwide, impersonating…
Microsoft 365 anti-phishing feature can be bypassed with CSS
Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of…
Ransomware Has Outsized Impact on Gas, Energy & Utility Firms
Attackers are more likely to target critical infrastructure industries and, when they do, they cause more disruption and ask higher…
Iranian Cyber Threat Group Drops New Backdoor, ‘BugSleep’
The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear phishing and legitimate remote…
Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email
The tactic is not new, but there has been a steady increase in its use as of this spring.
Critical Exim bug bypasses security filters on 1.5 million mail servers
Censys warns that over 1.5 million Exim mail transfer agent (MTA) instances are unpatched against a critical vulnerability that lets…
New Phishing Campaign Using AI generated Emails, Human Live Chat to Target Social Media Business Accounts
Fraudsters leverage complex phishing scams in attempt to gain control over organizations’ Meta accounts A sophisticated phishing campaign is targeting…
Ethereum mailing list breach exposes 35,000 to crypto draining attack
A threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link…
New Unfurling Hemlock threat actor floods systems with malware
A threat actor tracked as Unfurling Hemlock has been infecting target systems with up to ten pieces of malware at the…
Police seize over 100 malware loader servers, arrest four cybercriminals
An international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader…