The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks aimed at European foreign affairs entities since January 2023.
Trend Micro researchers observed a recent attack from the 8220 Gang exploiting the Oracle WebLogic vulnerability CVE-2017-3506 (CVSS score of 7.4) captured by one of their honeypots.
Researchers at SEC Consult have found that the Kids Place app versions 3.8.49 and older are vulnerable to five flaws that could impact the safety and privacy of its users.
Dubbed “VIP Invoice Authentication Fraud” by Armorblox, the tactic is used in classic fake emails designed to impersonate trusted vendors or other third parties that the victim organization regularly pays.
The $60 million Series C was led by Sapphire Ventures and brings the total raised by Huntress to a whopping $118 million. Existing investors JMI Equity and Forgepoint Capital expanded their equity stake.
For the last two weeks, the city has been engulfed in a massive recovery effort after the Royal ransomware gang caused significant damage to systems that manage the city’s police, fire department, courts, critical infrastructure, and more.
Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks.
The threat actor known as Water Orthrus was spotted with two new campaigns in March and April 2023 that were intended to deliver CopperStealth and CopperPhish payloads. The new malware has been upgraded for different purposes, such as injecting network advertisements, acquiring personal information, and stealing crypto assets. Organizations must leverage the updated IOCs associated with the […]
As the rate of cyberattacks steadily increases, automated threat hunting processes are being integrated to help stem the tide by providing quicker security insights, more efficient operations, and fewer human errors.
Cybersecurity experts took the wraps off of a newer variant of BPFDoor (BPF stands for Berkeley Packet Filter), which is capable of maintaining persistent access to breached systems for extended periods. The new variant has remained entirely undetected by all the virus-detection engines on VirusTotal. To mitigate the risks associated with BPFDoor, admins should prioritize […]