Infosec News

Microsoft has observed the threat actor tracked as Storm-0501 launching a multi-staged attack where they compromised hybrid cloud environments and performed lateral movement from on-premises to cloud environment, leading to data exfiltration, credential theft, tampering, persistent backdoor access, ...

The REF6138 campaign involved cryptomining, DDoS attacks, and potential money laundering via gambling APIs, highlighting the attackers' use of evolving malware and stealthy communication channels.

North Korea's IT workforce presents a persistent and escalating cyber threat.

The company told regulators at the U.S. Securities and Exchange Commission (SEC) that it reported the incident — which involves a variety of sensitive data on about 5,000 people — to federal law enforcement.

Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics. Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double...

Attackers leverage QR codes in PDF email attachments to spearphish corporate credentials from mobile devices

The Kaspersky Digital Footprint Intelligence team shares insights into the H1 2024 Middle Eastern cyberthreat landscape: hacktivism, initial access brokers, ransomware, stealers, and so on.

Microsoft uncovers a macOS flaw allowing unauthorized access to sensitive data. Update your device now!

The Kubernetes Image Builder vulnerability (CVE-2024-9486) poses a critical security threat.

Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.

Discover the alarming rise in cyber threats, with attacks on Microsoft customers doubling to 600 million per day. The latest Microsoft Digital Defense Report reveals the increasing collusion between nation-state actors and cybercriminals, highlighting the global impact on geopolitical conflicts and ...

This is the fifth blog post in an ongoing series on Rogue AI about mitigating AI risks. Keep following for more technical guidance, case studies, and insights

Authorities in 28 countries orchestrated thousands of arrests and website shutdowns while also disrupting scam centers and their related human trafficking and money laundering operations.

Analysis of malware samples using a technique to thwart all binary analysis tools, and hinder reverse engineering efforts.

On September 26, 2024, security researcher Simone Margaritelli disclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities.

Leading provider of cybersecurity solutions: Threat Intelligence, antifraud, anti-APT. Protect better, respond faster to network security attacks and threats.

Elastic Security Labs discusses detection and mitigation strategies for vulnerabilities in the CUPS printing system, which allow unauthenticated attackers to exploit the system via IPP and mDNS, resulting in remote code execution (RCE) on UNIX-based systems such as Linux, macOS, BSDs, ChromeOS, and ...

Group-IB reveals Cicada3301 ransomware’s affiliate panel, targeting U.S. and U.K. sectors with cross-platform attacks.

Have I Been Pwned allows you to search across multiple data breaches to see if your email address or phone number has been compromised.

American insurance giant Globe Life is facing extortion demands from hackers who stole data on over 5,000 individuals from one of its subsidiaries.

Kaspersky analyzes SideWinder APT’s recent activity: new targets in the MiddleEast and Africa, post-exploitation tools and techniques.

Kerberoasting, a well-known Active Directory (AD) attack vector, enables threat actors to steal credentials and navigate through devices and networks. Microsoft is sharing recommended actions administrators can take now to help prevent successful Kerberoasting cyberattacks.

RomCom cyber attacks target Ukraine with new SingleCamper RAT, aiming for espionage and ransomware.

The Justice Department said a 25-year-old Athens, Alabama, man used a SIM swap to break into the Securities and Exchange Commission's account on X to post false information about a bitcoin-related security.

The Unit 42 Threat Frontier report discusses GenAI's impact on cybersecurity, emphasizing the need for AI-specific defenses and proactive security. The Unit 42 Threat Frontier report discusses GenAI's impact on cybersecurity, emphasizing the need for AI-specific defenses and proactive security.

Elastic is releasing a threat hunting package designed to aid defenders with proactive detection queries to identify actor-agnostic intrusions.

Learn five Forrester AI security takeaways.

Attackers are on the prowl for weaknesses in infrastructure and software like a cat eyeing its helpless prey.

capa Explorer Web is a browser-based tool to display the capabilities found by capa, our popular reverse engineering tool.