There’s a new phishing campaign targeting verified Twitter accounts by urging them, in an email, to update their details if they do not want to lose their verified status. Hackers are reportedly harvesting the credentials of the users by taking advantage of Twitter’s recent action to remove the verified status from undeserving accounts. Users must stay […]
A flash alert by the FBI revealed that Cuba ransomware actors breached at least 49 entities in critical infrastructure sectors such as healthcare, financial, government, manufacturing, and IT. The group demanded $74 million in ransom from different U.S. companies and has already received $43.9 million. Experts recommend deploying robust anti-ransomware security measures to stay protected.
A series of malvertising campaigns by the Magnat group is infecting users via fake installers for popular games and apps. The campaigns spread two commodity password stealers, Azorult and Redline, along with MagnatBackdoor and MagnatExtension. These threats are very effective and require multiple layers of security measures for protection, such as security awareness sessions, network filtering, and endpoint protection.
Microsoft has extended the Secured-core concept to servers, and to Windows Server and Azure Stack HCI, to make the hardware less susceptible to firmware attacks and to running unverified code.
Google’s Threat Analysis Group (TAG) has disrupted the blockchain-enabled botnet known as Glupteba, which is made up of around 1 million compromised Windows and internet of things (IoT) devices.
U.S. Cyber Command demonstrated collective cyber defense with international partners during the CYBER FLAG 21-1 exercise, which ran from November 15 to 20 at Joint Base Suffolk in Virginia.
The issue lies in the Windows 10 default URI handler for ms-officecmd: URIs, which are used by the Microsoft Office Universal Windows Platform (UWP) app to launch other Office desktop applications.
The emergence of new, updated, and rebranded ransomware families highlights how ransomware operators shift from one RaaS to another due to improved capabilities and lucrative opportunities.
Cryptolaemus recently noticed a change in the tactics of Emotet operators, who are now directly installing Cobalt Strike beacons on infected devices without installing any intermediate Trojans.
Founded in February 2021, the Tel Aviv-based SaaS security provider emerged from stealth in April 2021. The Series A was led by Intel Capital, with existing investor YL Ventures also participating.