CyberVolk, infamous for DDoS attacks and data breaches, has gained particular notoriety for its ransomware, detected in July 2024, due to its advanced features and capabilities.

A new mobile malware called SpyAgent has been uncovered by McAfee’s Mobile Research Team. This malware targets mnemonic keys used for cryptocurrency wallets by scanning for images containing them on your device.

The flaw, discovered by security researchers at Red Hat and G-Research, could lead to unauthorized access to sensitive data through mishandled images processed by qemu-img.

Sami Khoury, the head of Canada’s cyber agency, is moving to a new role as the government’s senior official for cybersecurity after leading the Canadian Centre for Cyber Security (CCCS) since August 2021.

According to Onapsis, 83% of organizations experienced a ransomware attack in the past year. Of those, 46% experienced four or more attacks, and 14% faced 10 or more. The attacks resulted in at least 24 hours of downtime for 61% of respondents.

MuddyWater, an Iranian hacker group since 2017, has been using legitimate RMM software to target organizations globally, focusing on government, military, telecom, and oil sectors.

This authentication bypass flaw, with a CVSS score of 9.8 (the highest severity rating), could enable unauthorized users to gain administrative access to Red Hat Satellite, a commercial offering built on Foreman.

Hackers from Russia and Belarus are increasingly targeting Latvian government and critical infrastructure websites in politically motivated cyberattacks, according to Latvian cybersecurity officials.

The US has indicted members of Russian military intelligence unit 29155 for cyber-operations including WhisperGate hacks against Ukraine, offering up to $10 million for information.

The fake landing pages closely mimicked the real Lowe’s portal, prompting employees to enter their sales numbers, passwords, and security question answers, which then were sent to attackers.