Aggregator

ScarCruft, a prolific North Korean-backed advanced persistent threat (APT) group, has significantly refined its cyberespionage capabilities in a newly identified campaign distributing the ROKRAT malware. This recent activity marks a strategic deviation from their traditional reliance on LNK-based attack chains, pivoting instead to a complex infection method utilizing Object Linking and Embedding (OLE) objects embedded […]

The post ScarCruft Abuses Legitimate Cloud Services for C2 and OLE-based Chain to Drop Malware appeared first on Cyber Security News.

关键词勒索软件代号为 TA584 的高活跃度初始访问中间商近期被发现，正利用 Tsundere Bot 与 X

关键词漏洞内容安全防线一旦失守，即便是体量庞大的互联网平台，也可能在短时间内陷入失控状态。

AI security requires more than cloud hardening. The real attack surface isn't your infrastructure—it's the supply chains, agents, and humans that make up the system around it.

The post AI security’s ‘Great Wall’ problem appeared first on CyberScoop.

The threat actor known as Bloody Wolf has been linked to a campaign targeting Uzbekistan and Russia to infect systems with a remote access trojan known as NetSupport RAT. Cybersecurity vendor Kaspersky is tracking the activity under the moniker Stan Ghouls. The threat actor is known to be active since at least 2023, orchestrating spear-phishing attacks against manufacturing, finance, and IT

The European Commission has confirmed the detection and containment of a security incident affecting the central infrastructure that manages staff mobile devices. The breach, identified on January 30 through internal telemetry, resulted in unauthorized access to a limited subset of Personally Identifiable Information (PII), specifically staff names and mobile numbers. Crucially, the attack appears to […]

The post European Commission Contains Cyber-Attack Targeting Staff Mobile Data appeared first on Cyber Security News.

Microsoft is investigating an ongoing Exchange Online issue that mistakenly flags legitimate emails as phishing and quarantines them. [...]

Cisco Talos uncovers DKnife, a China-nexus framework targeting routers and edge devices. Learn how seven stealthy implants hijack data and deliver malware via AitM attacks.

Разбираемся, за счет чего Linux 6.19 стал работать заметно быстрее.

各机构在24个月内建立持续发现流程，识别边缘设备，并维护即将达到终止支持状态的设备和软件清单。

速升级

Revolut claims social media sites make £3.8bn annually from scam ads targeting European users

IT-гиганты невольно стали соучастниками фишинговых атак.

数字时代，网络游戏已成为不少未成年人休闲娱乐的重要选择，但随之而来的过度充值问题频频引发困扰，不仅损害部分家庭的合法权益，也影响未成年人身心健康，成为长期的社会热点和民生堵点。

2025年《政府工作报告》首次将“具身智能”列入国家未来产业重点培育清单。具身智能作为与物理实体融合的人工智能，正在成为改变人类生产生活方式、推动社会智能跃升的重要引擎，有望催生颠覆性终端产品装备，促进生产力和生产关系的深层次变革。

近年来，公安机关坚持以人民为中心，依法严厉打击、整治网络犯罪，不断强化网络生态治理。《网络犯罪防治法》的出台正是立足防治网络犯罪的实际，塑造清朗网络环境的系统总结和立法升华。

近日，国家数据局等部门公开发布《关于培育数据流通服务机构 加快推进数据要素市场化价值化的意见》，为促进数据流通交易高质量发展提供了政策保障。

当前，各类数据流通服务机构竞相发展，在优化数据资源配置、拓展数据应用场景、激发数据市场活力等方面发挥了积极作用，但也存在功能定位尚不清晰、服务能力仍有短板、监督管理亟待完善等新情况新问题。