The House Appropriations Committee included nearly $400 million more than last year for the Cybersecurity and Infrastructure Security Agency (CISA) in its budget proposal for the upcoming year.

Security researcher Imre Rad revealed that attackers can impersonate the metadata server from the targeted virtual machine’s point of view to take over the virtual machine.

Officials from Cyberpion approached EA late last year to inform them of multiple domains that could be subject to takeovers as well as misconfigured and potentially unknown assets.

SafeDollar, an algorithmic stablecoin on the Polygon network, dropped in value to $0 after a cyberattack yesterday. The attack resulted in a loss of 202,230 USDC and 46,000 USDT.

Andrii Kolpakov, a Ukrainian national that was a supervisor of the FIN7 threat group, has been sentenced to seven years in prison. He was arrested in Spain in 2018 and extradited to the U.S. in 2019.

Analysts from Privacy Sharks stumbled across the dataset with 700 million records put up for sale on RaidForums on June 22 by a hacker calling himself “GOD User TomLiner.”

Ransomware operators are resorting to different extortion tactics to intensify the stress on victims for greater ransom payouts. There are four new extortion tactics observed by the Hong Kong CERT Coordination Centre. 

In this campaign, a malicious link that distributes an AsyncRAT payload is sent to aviation companies with a well-crafted message. AsyncRAT is used to steal credentials and other sensitive data.

After seeing an increase in fraud and malicious developer accounts, Google announced plans to require additional identity verification from developers who want to list apps on the official Play Store.

Lil’ Skim is a simple web skimmer that is fairly easy to identify and differs from other Magecart scripts. The threat actor impersonates internet companies and also the victim sites it goes after.