Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks.The...
New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide
Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a...
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass.The...
Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector
Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target...
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial...
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials
Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones.The...
U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering
The U.S. government on Thursday sanctioned two cryptocurrency exchanges and unsealed an indictment against a Russian national for his alleged involvement in the operation...
New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users
Russian-speaking users have been targeted as part of a new campaign distributing a commodity trojan called DCRat (aka DarkCrystal RAT) by means of a...
Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks
The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks.The multi-stage attack...
U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes
U.S. federal prosecutors on Friday unsealed criminal charges against three Iranian nationals who are allegedly employed with the Islamic Revolutionary Guard Corps (IRGC) for...