The statement — which came Monday from the FBI, CISA, and the Office of the Director of National Intelligence (ODNI) — specifically attributes the recently announced cyberattack on the campaign of former President Donald Trump to Iranian actors.
FBI and CISA issued a PSA reassuring the public about the security of the 2024 election cycle against ransomware attacks. While attacks on government networks could cause temporary delays, voting systems’ integrity remains intact.
A new cybercrime group named Mad Liberator has been identified by the Sophos X-Ops Incident Response team for targeting AnyDesk users. This ransomware group is using a fake Microsoft Windows update screen to hide their data exfiltration activities.
Cymulate’s proof-of-concept attack demonstrates how multiple on-premises domains syncing to a single Azure tenant can lead to credential mishandling, potentially allowing unauthorized access to different domains.
Researchers have uncovered new infrastructure connected to the financially motivated threat actor FIN7. The analysis reveals communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd in Russia and SmartApe in Estonia.
Microsoft has patched a zero-day vulnerability, known as CVE-2024-38193, that was being exploited by the North Korea-linked Lazarus APT group. This vulnerability is a privilege escalation issue in the Windows Ancillary Function Driver for WinSock.
Thousands of Oracle NetSuite E-Commerce Sites are at Risk of Exposing Sensitive Customer Data due to a widespread misconfiguration in the SuiteCommerce enterprise resource planning (ERP) platform.
Ransomware groups have earned over $450 million in H1 2024 by extorting victims through cryptocurrency payments, according to a report by Chainalysis. It has risen from the previous year, with a record ransom payment of $75 million reported.
Many organizations struggle with AI literacy, cautious adoption, and risks of immature implementation, leading to disruptions in security, including data threats and AI misuse.
A Russian citizen, known by various online names like “TeRorPP,” has been sentenced to 40 months in a U.S. prison for selling financial data and login credentials on the criminal marketplace Slilpp.