Ukraine CERT: Mass Phishing Campaign Poses as Nation’s Security Service
More than 100 Ukrainian government devices have been affected by the threat that is being tracked as UAC-0198.
Chinese hacking groups target Russian government, IT firms
A series of targeted cyberattacks that started at the end of July 2024, targeting dozens of systems used in Russian…
Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the…
US dismantles laptop farm used by undercover North Korean IT workers
The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies…
CISA warns of hackers abusing Cisco Smart Install feature
CISA recommends disabling the legacy Cisco Smart Install feature after seeing it abused by threat actors in recent attacks to…
18-year-old security flaw in Firefox and Chrome exploited in attacks
A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox,…
How MSPs and MSSPs offer vCISO services with skilled CISOs in short supply
With skilled CISOs in short supply, service providers are turning to virtual CISOs. A new eBook by Cynomi explains how…
INTERPOL recovers over $40 million stolen in a BEC attack
A global stop-payment mechanism created by INTERPOL successfully recovered over $40 million stolen in a BEC attack on a company in…
Hunters International Disguises SharpRhino RAT as Legitimate Network Admin Tool
The RaaS group that distributes Hive ransomware delivers new malware impersonating as validly signed network-administration software to gain initial access…
Point of entry: Why hackers target stolen credentials for initial access
Stolen credentials are a big problem, commonly used to breach networks in attacks. Learn more from Specops Software about checking…