Cybercrime
Cybercrime | News, how-tos, features, reviews, and videos
Guardz releases AI-powered phishing protection solution for SMEs, MSPs
Solution combines email security, web browsing protection, perimeter posture, and awareness culture to help tackle phishing attacks.
Barracuda urges customers to replace vulnerable appliances immediately
A patch for the vulnerability, which has been exploited since October 2022, had been issued by Barracuda last month to stop the exploit from allowing ESG backdooring.
Clop extortion gang gives MOVEit exploit victims one week to reach out
At least 20 organizations have been compromised by Clop's MOVEit exploit, according to new research.
Over 60,000 Android apps infected with adware-pushing malware
While currently used to push adware, the campaign can redirect users to other types of malware, such as banking Trojans, to steal credentials and financial information or ransomware.
Traditional malware increasingly takes advantage of ChatGPT for attacks
As exploits against vulnerabilities increase overall, Palo Alto Networks' research unit has observed a jump in attempts to mimic ChatGPT through squatting domains.
ChatGPT creates mutating malware that evades detection by EDR
Mutating, or polymorphic, malware can be built using the ChatGPT API at runtime to effect advanced attacks that can evade endpoint detections and response (EDR) applications.
Cloud misconfiguration causes massive data breach at Toyota Motor
Vehicle data and customer information were exposed for over eight years due to a cloud misconfiguration at Toyota Motor that impacted over 260,000 customers.
Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data
At least one organization, UK payroll provider Zellis, has confirmed a breach via the MOVEit utility.
Atomic Wallet hack leads to at least $35M in stolen crypto assets
The biggest victim of the cryptocurrency hack on Atomic Wallet was an individual who reportedly lost $7.95 million in Tether.
Federal cyber incidents reveal challenges of implementing US National Cybersecurity Strategy
As federal government cybersecurity incidents continue to mount, the Biden administration's National Cybersecurity Strategy should help, although experts say implementing it won't be easy.
Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab
The Operation Triangulation surveillance campaign infects Apple iPhones without the need for user action and is difficult to detect.
Attackers use Python compiled bytecode to evade detection
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.
What is the Cybercrime Atlas? How it can help disrupt cybercrime
The Cybercrime Atlas aims to map the cybercriminal ecosystem worldwide and allow global law enforcement agencies to access that information when fighting cybercrime.
Gigabyte firmware component can be abused as a backdoor
Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.
Barracuda patches zero-day vulnerability exploited since October
The vulnerability stemmed from incomplete input validation of user-supplied .tar files.
Phishing remained the top identity abuser in 2022: IDSA report
The survey revealed phishing as the most common identity-related incident in 2022, with “emails” as the most popular type.
AI-automated malware campaigns coming soon, says Mikko Hyppönen
The industry pioneer also expects cybersecurity to remain a growth business for years and sees Russian hacktivists as demoralizing European infosec teams.
