Cybercriminals return to business as usual in a post-pandemic world
After two years of pandemic-induced disruption, 2022 was a return to business as usual for the world’s cybercriminals, according to Proofpoint. As COVID-19 medical and…
Month: June 2023
Cybersecurity culture improves despite the dark clouds of the past year
Despite a hardening economic climate, heightened global tensions and the onset of new technology making cybercrime easier, 76% of the CISOs, suggested that no material…
LockBit ransomware advisory from CISA provides interesting insights
A joint advisory published by CISA, the FBI and many others shows some interesting stats that align with data found by Malwarebytes. The US Cybersecurity…
New Diicot Threat Group Targets SSH Servers with Brute-Force Malware
Diicot shares its new name with the Romanian anti-terrorism policing unit and uses the same style of messaging and imagery. Researchers from Cado Labs reported…
Rhysida ransomware leaks documents stolen from Chilean Army
Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents stolen from the network of…
Grammarly CISO Suha Can Discusses the Impact of Preemptive Security with HackerOne
The allure of generative AI and the importance of the basics. While the advent of generative AI poses new challenges, it’s important not to neglect…
Barracuda ESG zero-day exploited by China-linked APTSecurity Affairs
Experts linked the UNC4841 threat actor behind the attacks exploiting the recently patched Barracuda ESG zero-day to China. Mandiant researchers linked the threat actor UNC4841…
MOVEit Transfer customers warned of new flaw as PoC info surfaces
Progress warned MOVEit Transfer customers to restrict all HTTP access to their environments after info on a new SQL injection (SQLi) vulnerability was shared online today.…
Unreleased Music Stolen and Sold on Dark Web: Hacker Fined
The dark web hacker previously pleaded guilty to multiple charges, including copyright offences, computer misuse, possession of criminal property, and converting criminal property. In a…
Hacking Jenkins server with CSRF vulnerability
Jenkins, which is sometimes referred to as the “engine” of DevOps, provides users with a vast number of tools that enable them to monitor and…
CISA, NSA Share Guidance on Hardening Baseboard Management Controllers
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published new guidance to help organizations harden baseboard management controllers (BMCs).…
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency
Jun 15, 2023Ravie LakshmananCryptocurrency / Ransomware Ransomware actors and cryptocurrency scammers have joined nation-state actors in abusing cloud mining services to launder digital assets, new…