News Analyses

05 malware

Gigabyte firmware component can be abused as a backdoor

Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.

Electricity grid

Researchers find new ICS malware toolkit designed to cause electric power outages

Mandiant recommends threat-hunting steps to detect COSMICENERGY despite no confirmed attacks in the wild.

fighter hacker skull and crossbone skeleton scary mask sebastiaan stam 573834 unsplash

SMBs and regional MSPs are increasingly targeted by state-sponsored APT groups

Research shows a shift toward advanced persistent threat actors compromising smaller organization, in part to enable other attacks.

cyber attack alarm alert

Credential harvesting tool Legion targets additional cloud services

Threat actors now use Legion to steal AWS-specific credentials from web servers to enable email and SMS spam campaigns.

Security threat [illustration] > A hacker with black hat, mask, and crowbar breaks into a laptop.

Legitimate looking npm packages found hosting TurkoRat infostealer

The malicious packages have been downloaded hundreds of times, but the long-term impact is unknown.

mentor teach learn coach partner team by rawpixel via unsplash

Accessibility should be a cybersecurity priority, says UK NCSC

Cybersecurity training, controls, and requirements that are inaccessible, especially to those with disabilities, can make businesses less secure and more vulnerable to risky behaviour.

cisco

Critical remote code execution flaws patched in Cisco small business switches

Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available.

network wan

Researchers show ways to abuse Microsoft Teams accounts for lateral movement

Attackers have several ways to enable lateral movement within a network via a compromised Teams account.

digital trust fintech online payment shutterstock 2194218929

Security breaches push digital trust to the fore

While cybersecurity and CISOs may have a bigger role in it, digital trust is not something that belongs to a single department but the whole organization and needs to be integrated across the business.

cybercrime cyber crime skull symbol project darknet dark web internet safety cyberattack theft viru

New ransomware gang RA Group quickly expanding operations

The RA Group uses double extortion and has detailed information on its victims.

hacker handcuffs laptop cybercrime cyber crime arrested

Law enforcement crackdowns and new techniques are forcing cybercriminals to pivot

Researchers say that law enforcement crackdowns and new investigative tools are putting pressure on cybercriminals, but challenges for defenders remain.

office screen workers cybersecurity reporting concern

UK NCSC, ICO debunk 6 cyberattack reporting myths

These misconceptions, including the belief that paying a ransom makes the incident go away, could result in more attacks or bigger regulatory fines.

business cyber insurance

Insured companies more likely to be ransomware victims, sometimes more than once

A recent report found that companies with cyber insurance have been hit by ransomware more than those without it, and sometimes more than once. Although threat actors may not be directly correlating the insurance factor to find...

email / messaging / collaboration

Israeli threat group uses fake company acquisitions in CEO fraud schemes

The group targets multinational firms using email display name spoofing and multiple fake personas.

mobile / email / laptop / computing

Microsoft fixes bypass for critical Outlook zero-click flaw patch

Microsoft rates the new Outlook vulnerability as medium severity, but Akamai researchers say it should be higher.

threat ransomware response

Make them pay: Hackers devise new tactics to ensure ransomware payment

Payouts from ransomware victims declined by 38% in 2022, which has prompted hackers to adopt more professional and corporate tactics to ensure higher returns.

cactus / prickly / difficult / tricky

New ransomware group CACTUS abuses remote management tools for persistence

The CACTUS cybercriminal group targets VPN appliances for initial access and to install a backdoor.

shutterstock 1850095465 internet API application programming interface

Azure API Management flaws highlight server-side request forgery risks in API development

New SSRF vulnerabilities highlight the weaknesses of using blacklisting techniques as a defense mechanism.

Load More

Most Popular

BrandPosts

Sponsored by Microsoft Security

Cybercriminals are abusing security tools—here’s how we’re stopping them
Sponsored by Cisco

Business risk is a critical component of cloud-native application protection
Sponsored by Fortinet

The state of operational technology and cybersecurity