State-Sponsored Hackers Behind Majority of Vulnerability Exploits
Recorded Future highlighted the vast capabilities of state actors to rapidly weaponize newly disclosed vulnerabilities for geopolitical purposes
Information Security Magazine
TransUnion Data Breach Impacts 4.5 Million US Customers
1 month ago
The credit rating giant revealed that the breach, which occurred on July 28, was caused by unauthorized access to a third-party application
Fake IT Support Attacks Hit Microsoft Teams
1 month ago
Fake IT support lures are being used to trick employees into installing remote‑access tools via Microsoft Teams
Netherlands Confirms China's Salt Typhoon Targeted Small Dutch Telcos
1 month ago
Salt Typhoon’s primary Dutch targets were small internet service providers and hosting providers
Malicious VS Code Extensions Exploit Name Reuse Loophole
1 month ago
Visual Studio Code extensions have been identified exploiting a loophole that allows reuse of names from removed packages
Nevada Confirms Ransomware Attack, State Data Stolen
1 month ago
Nevada’s CIO confirmed in a press conference that ransomware actors had exfiltrated data from state networks, amid an ongoing incident investigation
Chinese Tech Firms Linked to Salt Typhoon Espionage Campaigns
1 month ago
The US, UK and allies have called out China’s “commercial cyber ecosystem” for enabling large-scale Salt Typhoon campaigns
Crypto Companies Freeze $47m in Romance Baiting Funds
1 month ago
Chainalysis, OKX, Binance and Tether have managed to stop nearly $50m reaching romance baiting fraudsters
Ransomware Actor Deletes Data and Backups Post-Exfiltration on Azure
1 month ago
Microsoft observed Storm-0501 pivot to the victim’s cloud environment to exfiltrate data rapidly and prevent the victim’s recovery
CISA Strengthens Software Procurement Security With New Tool
1 month ago
CISA has launched a new Software Acquisition Guide Web Tool to enhance security in software procurement
Researchers Discover First Reported AI-Powered Ransomware
1 month ago
While still in development, PromptLock is described as the “first known AI-powered ransomware” by ESET researchers
Nevada “Network Security Incident” Shuts Down State Offices and Services
1 month ago
The Office of the Governor of Nevada revealed that the incident has shut down in-person State services, while government phone lines and websites are offline
ShadowSilk Campaign Targets Central Asian Governments
1 month ago
A series of cyber-attacks against government organizations in Central Asia and Asia- Pacific has been linked to the ShadowSilk threat cluster
Citrix Patches Three NetScaler Zero Days as One Sees Active Exploitation
1 month ago
Citrix customers are urged to patch their vulnerable NetScaler appliances, but “patching alone won’t cut it,” experts said
ENISA to Coordinate €36m EU-Wide Incident Response Scheme
1 month ago
EU security agency ENISA is being handed €36m to operate the EU Cybersecurity Reserve
New Data Theft Campaign Targets Salesforce via Salesloft App
1 month ago
Google is warning of a new credential theft campaign targeting Salesforce customers via Salesloft Drift
New Phishing Campaign Abuses ConnectWise ScreenConnect to Take Over Devices
1 month ago
Abnormal AI said the campaign, which lures victims into downloading legitimate RMM software, marks a major evolution in phishing tactics
New Android Trojan Variant Expands with Ransomware Tactics
1 month ago
A new version of the Hook Android banking Trojan features 107 remote commands, including ransomware overlays
Phishing Campaign Uses UpCrypter to Deploy Remote Access Tools
1 month ago
A global phishing campaign has been identified using personalized emails and fake websites to deliver malware via UpCrypter
US: Maryland Confirms Cyber Incident Affecting State Transport Systems
1 month ago
All previously scheduled mobility trips across Maryland for this week will be honored, said the state’s transportation administration
Checked
4 hours 3 minutes ago