The local government in George County, Mississippi, was thrown into chaos this weekend when ransomware actors used a discrete phishing email to gain deep access to the county’s systems.
The US Cybersecurity and Infrastructure Security Agency (CISA) revealed on Thursday that the recently disclosed Citrix zero-day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.
In a recent encounter, security researchers stumbled across a HotRat malware distribution campaign that cybercriminals were offering bundled as cracked programs and games. HotRat is an offshoot of the open-source AsyncRAT framework. Implement strict software policies, regularly update and patch systems, and educate users about the risks of using cracked software.
A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office.
A smishing campaign is targeting Japanese Android users by posing as a power and water infrastructure company and luring victims to a phishing website to download the SpyNote malware.
Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers.
Mallox ransomware activity surged by nearly 174% in 2023, using the new variant Xollam, employing the double extortion tactic to demand ransom from victims. The development is also being perceived as more affiliate groups coming together in this mission. Organizations must remain vigilant and adapt security measures to stay one step ahead of such threats.
The U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged children’s privacy laws violations related to the company’s Alexa voice assistant service.
A new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts.
Sophisticated DDoS attacks worldwide reached 5.4 trillion in Q2 2023. This represents a 15% increase compared to the number of attacks observed in Q1 2023. One of the factors associated with the pro-Russia hacker groups REvil, Killnet, and Anonymous Sudan targeting Western websites amid the war in Ukraine. Enabling firewalls, and having good internet security solutions […]