A very popular NPM package called ‘pac-resolver’ for the JavaScript programming language has been fixed to address a remote code execution flaw that could affect a lot of Node.js applications.
The German government has revealed that it has reliable information according to which ghost writer activities can be attributed to cyber protagonists of the Russian state or Russia’s GRU military intelligence.
Hackers purchase access to a victim’s network on dark web marketplaces and from other threat actors. Analyzing their want ads makes it possible to get an inside look at the types of companies ransomware operations are targeting for attacks.
Gardaí have seized the cyberinfrastructure used by the cyber gang involved in the HSE cyber attack earlier this year. The operation is believed to have prevented more than 750 ransomware attacks, the Irish Times has reported.
An ongoing campaign has been found to leverage a network of websites acting as a “dropper as a service” to deliver a bundle of malware payloads to victims looking for “cracked” versions of popular business and consumer applications.
According to NCC Group’s report, the number of ransomware attacks analyzed has increased by 288% between January-March 2021 and April-June 2021, with organizations continuing to face waves of digital extortion in the form of targeted ransomware.
The bank was hit by AVOS Locker Ransomware operators who claim to have stolen sensitive documents from the financial institution. The ransomware gang added the bank to its leak site and published some screenshots as proof of the hack.
Kaspersky provided a detailed technical analysis of QakBot, a decade-old Trojan that is active since 2007. It also underlines the stats of victims. In the first seven months of this year, Kaspersky spotted 181,869 attempts to download or execute QakBot. Experts say one must track its activities and ensure the right security measures are in place […]
Attackers use the DNS rebinding technique to exploit private networks. It can take over victims’ browsers and exposes the attack surface of internal web applications to malicious websites, which can be dangerous. Web browser vendors, web application owners, and DNS resolvers need to apply appropriate protection strategies to ensure security against such threats.
Researchers recently obtained a leaked playbook linked to the Conti RaaS group, disclosing a heap of information about operations by them. The sensitive playbook documents are believed to be leaked by a partner not happy with Conti. For researchers and security analysts, this is an opportunity to deploy the right logic in place to detect […]