US govt sanctions North Korea’s Kimsuky hacking group
The Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned the North Korean-backed Kimsuky hacking group for stealing intelligence…
Cactus ransomware exploiting Qlik Sense flaws to breach networks
Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks.…
Deluge of Nearly 300 Fake Apps Floods Iranian Banking Sector
No Iranian bank customers are safe from financially motivated cybercriminals wielding convincing but fake mobile apps.
FjordPhantom Android malware uses virtualization to evade detection
A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade…
Police dismantle ransomware group behind attacks in 71 countries
In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of…
Ukraine says it hacked Russian aviation agency, leaks data
Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a…
Slovenia’s largest power provider HSE hit by ransomware attack
Slovenian power company Holding Slovenske Elektrarne (HSE) has suffered a ransomware attack that compromised its systems and encrypted files, yet…
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts…
Web Shells Gain Sophistication for Stealth, Persistence
A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information…
3 Ways to Stop Unauthorized Code From Running in Your Network
As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to…