Some of the reasons why we should be serious about space cybersecurity are obvious, such as keeping ground-based systems running and addressing national defense concerns.

The malicious updates delivered through NoxPlayer’s compromised update mechanism included an unknown malware with monitoring capabilities and the extensively used Gh0st remote access trojan (RAT).

After the Google TAG report about attacks on security researchers, Microsoft has disclosed a similar attempt by another North Korean actor to steal vulnerabilities from the experts.

Palo Alto is alerting organizations about new updates in Rocke Group’s new version of malware that was used throughout 2018 and 2019 to illegally mine Monero from infected Linux machines.

After a takedown attempt in 2020 by the global law enforcement, that somehow wasn’t that successful, a new TrickBot version has arrived.

North Korea-backed threat actors are impersonating security experts to launch attacks on the security community possibly to obtain details of undisclosed vulnerabilities that can be exploited later.

The Fonix Ransomware operators have shut down their operation and released the master decryption allowing victims to recover their files for free. This shutdown could cause members to join other ransomware affiliate programs.

Researchers have identified an updated malware variant used by the cybercrime gang Rocke Group that targets cloud infrastructures with crypto-jacking attacks. The malware is called Pro-Ocean, which was first discovered in 2019.

Researchers at GRIMM have discovered multiple vulnerabilities within the NITRO open-source library that the Department of Defense and federal intelligence community use to exchange, store and transmit digital images collected by satellites.

Initially starting life as a banking trojan, Trickbot evolved to become a highly popular form of malware among cybercriminals, particularly because its modular nature allowed for it to be used in many different kinds of attacks.