The U.S. cybersecurity agency CISA warned against clicking on suspicious links to prevent email compromise. Cybercriminals are already impersonating CrowdStrike in phishing emails, asking for payment to “fix the CrowdStrike apocalypse.”
Most of the SEC civil fraud case against SolarWinds was dismissed by a U.S. District Court judge, but key allegations related to misleading investors about cybersecurity practices leading up to the 2020 Sunburst hack remain.
The Revolver Rabbit cybercriminal gang has registered over 500,000 domain names for infostealer campaigns targeting Windows and macOS systems. They utilize registered domain generation algorithms (RDGAs) to rapidly register multiple domains at once.
Grype is an open-source vulnerability scanner for container images and filesystems that works with Syft to detect vulnerabilities in packages for major operating systems and language ecosystems, such as Alpine, Debian, Ruby, Java, Python, and more.
The malware’s driver was signed by Microsoft but attributed to a suspicious Chinese company, Hubei Dunwang Network Technology Co., Ltd. The company exploited Microsoft’s driver code-signing requirements to obtain an Extended Verification certificate.
The Cybersecurity and Infrastructure Security Agency (CISA) has appointed new leaders to its cybersecurity division and stakeholder engagement role to enhance national cyber defenses and foster collaboration between the public and private sectors.
APT41, a China-based hacking group, has targeted organizations in the shipping, logistics, media, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. since 2023.
The attacks, linked to a group called OilAlpha, involved malicious mobile apps and targeted CARE International, the Norwegian Refugee Council (NRC), and the Saudi Arabian King Salman Humanitarian Aid and Relief Centre.
The Play ransomware group has introduced a Linux variant that targets ESXi environments. This variant verifies its environment before executing and has been successful in evading security measures.
Indian crypto exchange WazirX disclosed a loss of virtual assets worth more than $230 million due to a cyber attack linked to North Korea. The attack targeted a multi-signature wallet with six signatories, leading to a breach in security measures.