US charges admin of LockerGoga, MegaCortex, Nefilim ransomware
The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware…
Latest Cybersecurity News — Page 1552
View all →
FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands
Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the…
FortiDDoS Vulnerability Lets Hackers Execute Unauthorized OS Commands
Fortinet has disclosed a significant OS command injection vulnerability in its FortiDDoS-F appliances that could allow privileged attackers to execute unauthorized code or commands through…
New Salty2FA Phishing Kit Bypasses MFA and Clones Login Pages
A new, sophisticated phishing kit, Salty2FA, is using advanced tactics to bypass MFA and mimic trusted brands. Read expert analysis on how these “Phishing 2.0”…
National cyber director: U.S. strategy needs to shift cyber risk from Americans to its adversaries
The United States needs a “new, coordinated strategy” to counter its cyber adversaries and “shift the burden of risk in cyberspace from Americans to them,”…
Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure
Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency wallet data. First detected in…
Multiple Vulnerabilities Discovered in Ivanti Connect Secure, Policy Secure, and ZTA Gateways
Ivanti on September 9 released a security advisory detailing six medium and five high severity vulnerabilities impacting Ivanti Connect Secure, Policy Secure, ZTA Gateways, and Neurons for Secure Access.…
Republic and Incentiv Partner to Simplify and Reward Web3 Participation
Republic today announced a strategic partnership with Incentiv, an EVM-compatible Layer 1 blockchain designed to make Web3 simple, accessible, and rewarding for all participants. Building…
Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft’s Direct Send feature to form a “highly efficient attack pipeline” in recent…
Fujitsu braced for double-digit decline triggered by ‘foolish display of legal machismo’
Fujitsu expects its UK sales to see a double-digit drop as some controversial public sector wins fail to plug the hole in its business. Its…
Black Hat USA 2025 CISO Podcast Series Ep-6 Goes Live
Artificial Intelligence (AI) is no longer just a buzzword in cybersecurity—it has become a practical and powerful tool that enterprises are using to stay ahead…
Mitsubishi Electric to acquire Nozomi Networks in $1 billion deal
Industrial conglomerate Mitsubishi Electric has agreed to acquire OT and IoT cybersecurity specialist Nozomi Networks in a transaction that values the San Francisco-based firm near…