The Redfly threat actor group used the ShadowPad Trojan to compromise a national grid in an Asian country, stealing credentials and maintaining a presence for up to six months.
The WiKI-Eve attack is designed to intercept WiFi signals during password entry, so it’s a real-time attack that must be carried out while the target actively uses their smartphone and attempts to access a specific application.
Reported ransomware attacks on organizations in the UK reached record levels last year, when criminals compromised data on potentially over 5.3 million people from over 700 organizations, according to a dataset published by the ICO.
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines.
The new funding round, which brings the total raised by Binalyze to $30.5 million, was led by Molten Ventures, with participation from Earlybird Digital East, OpenOcean, Cisco Investments, Citi Ventures, and Deutsche Bank Corporate Venture Capital.
Cybercrime crew BianLian claims to have broken into the IT systems of a top non-profit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data.
Online banking fraud detection and prevention firm Cleafy today announced that it has raised €10 million ($10.7 million) in its first funding round, which was led by United Ventures.
A dark cloud of threats hovers over Windows users as security researchers uncovered a phishing campaign delivering Agent Tesla, OriginBotnet, and RedLine Clipper via maldocs. Attackers can extract a wide range of data from compromised systems, such as credentials, crypto wallet data, and other sensitive information. To stay safe, it is recommended to deploy a […]
Unlike other recent macOS malware, MetaStealer relies on social engineering tactics to persuade victims to launch malicious payloads, often disguised as legitimate files or software.
The Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog.