Traditional Pen Testing vs. PTaaS with Web Application Security
While traditional penetration testing (pen testing) has long been the go-to method for identifying security gaps in a organization’s network and web application, a new approach…
Category: Bleeping Computer
WannaCry ransomware impersonator targets Russian “Enlisted” FPS players
A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions of the game. Enlisted is…
Russian hackers use PowerShell USB malware to drop backdoors
The Russian state-sponsored hacking group Gamaredon (aka Armageddon or Shuckworm) continues to target critical organizations in Ukraine’s military and security intelligence sectors, employing a refreshed toolset…
Barracuda ESG zero-day attacks linked to suspected Chinese hackers
A suspected pro-China hacker group tracked by Mandiant as UNC4841 has been linked to data-theft attacks on Barracuda ESG (Email Security Gateway) appliances using a…
Fake WannaCry ransomware targets Russian “Enlisted” FPS players
A ransomware operation targets Russian players of the Enlisted multiplayer first-person shooter, using a fake website to spread trojanized versions of the game. Enlisted is…
Windows Kernel CVE-2023-32019 fix is disabled by default
Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including the latest Windows 10, Windows…
Windows 11 KB5027231 update breaks Google Chrome for Malwarebytes users
Malwarebytes confirmed today that the Windows 11 22H2 KB5027231 cumulative update released this Patch Tuesday breaks Google Chrome on its customers’ systems. Windows admins and users…
New ‘Shampoo’ Chromeloader malware pushed via fake warez sites
A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the search hijacker and adware browser…
Microsoft links data wiping attacks to new Russian GRU hacking group
Microsoft has linked a threat group it tracks as Cadet Blizzard since April 2023 to Russia’s Main Directorate of the General Staff of the Armed Forces (also…
Chinese hackers use DNS-over-HTTPS for Linux malware communication
The Chinese threat group ‘ChamelGang’ infects Linux devices with a previously unknown implant named ‘ChamelDoH,’ allowing DNS-over-HTTPS communications with attackers’ servers. The particular threat actor…
LockBit ransomware extorted $91 million in 1,700 U.S. attacks
U.S. and international cybersecurity authorities said in a joint LockBit ransomware advisory that the gang successfully extorted roughly $91 million following approximately 1,700 attacks against…
Your Audit Experience Before and After
Richard Stevenson, Manager of Cybersecurity Risk Management and Compliance at Drata Automation transforms the audit experience. What was once a burden to bear becomes a…