The Secret Weakness Execs Are Overlooking: Non-Human Identities
For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We...
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and Proxyjacking
Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency...
North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part...
INTERPOL Arrests 8 in Major Phishing and Romance Fraud Crackdown in West Africa
INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber...
LockBit Ransomware and Evil Corp Leaders Arrested and Sanctioned in Joint Global Effort
A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka...
Ivanti Endpoint Manager Flaw Actively Targeted, CISA Warns Agencies to Patch
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a security flaw impacting Endpoint Manager (EPM) that the company patched in May...
Fake Trading Apps Target Victims Globally via Apple App Store and Google Play
A large-scale fraud campaign leveraged fake trading apps published on the Apple App Store and Google Play Store, as well as phishing sites, to...
China-Linked CeranaKeeper Targeting Southeast Asia with Data Exfiltration
A previously undocumented threat actor called CeranaKeeper has been linked to a string of data exfiltration attacks targeting Southeast Asia.Slovak cybersecurity firm ESET, which...
Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals
A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under...
Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to...