North Korean hackers exploit VPN update flaw to install malware
South Korea’s National Cyber Security Center (NCSC) warns that state-backed DPRK hackers hijacked flaws in a VPN’s software update to...
Read more →News Archive
View All →
AppOmni unveils SaaS-aware ITDR capabilities
AppOmni announced a series of technology advances to deliver identity and threat detection (ITDR) capabilities to protect SaaS environments. The...
Read more →
332 Million Email Addresses Scraped from SOCRadar.io Dumped Online
A hacker known as USDoD claims to have scraped 332 million email addresses from SOCRadar.io, which were later dumped online...
Read more →
Malware induction into Windows and MacOS devices via ISP
Volexity, a cutting-edge cybersecurity firm based in Virginia, has uncovered a Chinese hacking group known as StormBamboo, which is injecting...
Read more →
Chinese cyber attack sparks alert over six year old MS vuln
The United States Cybersecurity and Infrastructure Security Agency (CISA) has added a Microsoft vulnerability dating back to 2018 to its...
Read more →
New LianSpy malware hides by blocking Android security feature
A previously undocumented Android malware named ‘LightSpy’ has been discovered targeting Russian users, posing on phones as an Alipay app...
Read more →
Russia’s luxury car phish continues to prove effective
Foreign diplomatic missions and non-governmental organisations (NGOs) in Ukraine are failing to adequately safeguard staffers from basic phishing attacks, putting...
Read more →
Bloody Wolf Attacking Organizations With $80 Malware From Underground Market
Cybersecurity experts have uncovered a series of attacks targeting organizations in Kazakhstan by a threat actor dubbed “Bloody Wolf.” The...
Read more →
World’s largest companies at near-universal risk of supply chain breach
Out of the world’s 2,000 largest companies, 1,980 have a direct connection to a technology supplier that has experienced a...
Read more →
Last chance for discount registration at Mandiant’s mWISE 2024
Register today for mWISE™, the unique cybersecurity conference from Mandiant, now part of Google Cloud. Built by practitioners for practitioners,...
Read more →
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated...
Read more →
Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks
Aug 05, 2024Ravie LakshmananNetwork Security / Threat Intelligence Organizations in Kazakhstan are the target of a threat activity cluster dubbed...
Read more →