Threat Actors Target Victims with HijackLoader and DeerStealer
Cyber-attacks using HijackLoader and DeerStealer have been identified exploiting phishing tactics via ClickFix
Information Security Magazine
Archetyp Market Shut Down in Europe-wide Law Enforcement Operation
1 month 4 weeks ago
Operation DEEP Sentinel has shut down Archetyp Market, the longest-running dark web drug marketplace
Tenable Fixes Three High-Severity Flaws in Vulnerability Scanner Nessus
1 month 4 weeks ago
Nessus users should update patches as soon as possible
Anubis Ransomware Adds File-Wiping Capability
1 month 4 weeks ago
Trend Micro identified a novel “wipe mode” included in Anubis ransomware to prevent file recovery, increasing pressure on victims to give in to demands
Over a Third of Grafana Instances Exposed to XSS Flaw
1 month 4 weeks ago
Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk
WestJet Investigates Cyber-Attack Impacting Customers
1 month 4 weeks ago
Canadian airline WestJet is investigating a cyber-attack that struck on June 13
Former CISA and NCSC Heads Warn Against Glamorizing Threat Actor Names
2 months ago
Jen Easterly and Ciaran Martin called for a universal, vendor-neutral cyber threat actor naming system
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
2 months ago
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware
Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
2 months ago
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of the SimpleHelp RMM tool
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
2 months ago
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple email
Palo Alto Networks Patches Series of Vulnerabilities
2 months ago
The cybersecurity provider also implemented recent fixes in Chromium that affected its Prisma Access Browser
NIST Publishes New Zero Trust Implementation Guidance
2 months ago
The new NIST guidance sets out 19 example implementations of zero trust using commercial, off-the-shelf technologies
Europol Says Criminal Demand for Data is “Skyrocketing”
2 months ago
Europol warns of “vicious circle” of data breaches and cybercrime
Phishing Alert as Erie Insurance Reveals Cyber “Event”
2 months ago
Erie Insurance reveals suspected network breach and ongoing outage
Congress Introduces Bill to Strengthen Healthcare Cybersecurity
2 months ago
The legislation aims to expand the federal government’s role in helping healthcare providers protect and respond to cyber-attacks
20,000 Asian IPs and Domains Dismantled in Infostealer Crackdown
2 months ago
Interpol-coordinated Operation Secure led to 32 arrests, including the suspected ringleader of a cybercriminal organization
Hands-On Skills Now Key to Landing Your First Cyber Role
2 months ago
An ISC2 study found that 90% of security hiring managers would consider entry-level candidates with only previous IT work experience
Researcher Finds Five Zero-Days and 20+ Misconfigurations in Salesforce Cloud
2 months ago
The products affected by the issues are part of the Salesforce OmniStudio suite, including FlexCards and Data Mappers
Half of Mobile Users Now Face Daily Scams
2 months ago
Malwarebytes claims 44% of mobile users are exposed to scams every day
Two Microsoft Zero-Days for Admins to Fix in June Patch Tuesday
2 months ago
Microsoft has patched two zero days this month, one of which is being exploited in the wild
Checked
10 hours 37 minutes ago