Android TV botnet Vo1d grows explosively and bypasses securityVo1d botnet has infected over 1.5 million Android TV devices globally, evolving despite prior disclosures.
US and allies must get tough on Russia, China's deep-sea cable sabotageRussia and China are targeting subsea cables to disrupt U.S. communications and financial transactions.
France Bracing for Cyberattacks During Summer OlympicsThe Summer Olympics in Paris face cybersecurity threats from adversarial countries, criminals, and hacktivists.Russian-aligned hacktivists and state actors are potential cyberattack threats to the Paris Olympics.
US and allies must get tough on Russia, China's deep-sea cable sabotageRussia and China are targeting subsea cables to disrupt U.S. communications and financial transactions.
France Bracing for Cyberattacks During Summer OlympicsThe Summer Olympics in Paris face cybersecurity threats from adversarial countries, criminals, and hacktivists.Russian-aligned hacktivists and state actors are potential cyberattack threats to the Paris Olympics.
Top 5 AI-Powered Social Engineering AttacksAI is enhancing social engineering tactics by targeting human vulnerabilities on a larger scale.
Research uncovers new attack method, security leaders share insightsThe ConfusedPilot attack may manipulate RAG AI systems, resulting in misinformation and impaired decision-making processes for organizations.
Top 5 AI-Powered Social Engineering AttacksAI is enhancing social engineering tactics by targeting human vulnerabilities on a larger scale.
Research uncovers new attack method, security leaders share insightsThe ConfusedPilot attack may manipulate RAG AI systems, resulting in misinformation and impaired decision-making processes for organizations.
How trust and safety leaders at top tech companies are approaching the security threat of AI: 'Trust but verify'Safety officers advise 'trust, but verify' when integrating AI like ChatGPT into businesses.
GoDaddy gets a stern finger-wagging for non-existent infosecGoDaddy has been criticized for inadequate security measures, leading to multiple data breaches and misleading customers about their data protection standards.
How trust and safety leaders at top tech companies are approaching the security threat of AI: 'Trust but verify'Safety officers advise 'trust, but verify' when integrating AI like ChatGPT into businesses.
GoDaddy gets a stern finger-wagging for non-existent infosecGoDaddy has been criticized for inadequate security measures, leading to multiple data breaches and misleading customers about their data protection standards.
Critical Veeam Vulnerability Exploited to Spread Akira and Fog RansomwareThreat actors are exploiting a patched vulnerability in Veeam Backup & Replication to deploy Akira and Fog ransomware, necessitating immediate security improvements.
Ransomware is driving an increase in emergency patient careRansomware attacks on health care are increasing sharply, posing significant risks to patient care and safety.
Ransomware crew abuses AWS native encryptionCodefinger is a new ransomware group using AWS's own encryption scheme to lock files and extort victims for decryption keys.
Potent youth cybercrime ring made up of 1,000 people, FBI official saysA group of around 1,000 young cybercriminals known as Scattered Spider pose a significant cybersecurity threat through social engineering and collaboration with ransomware groups.
Critical Veeam Vulnerability Exploited to Spread Akira and Fog RansomwareThreat actors are exploiting a patched vulnerability in Veeam Backup & Replication to deploy Akira and Fog ransomware, necessitating immediate security improvements.
Ransomware is driving an increase in emergency patient careRansomware attacks on health care are increasing sharply, posing significant risks to patient care and safety.
Ransomware crew abuses AWS native encryptionCodefinger is a new ransomware group using AWS's own encryption scheme to lock files and extort victims for decryption keys.
Potent youth cybercrime ring made up of 1,000 people, FBI official saysA group of around 1,000 young cybercriminals known as Scattered Spider pose a significant cybersecurity threat through social engineering and collaboration with ransomware groups.
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF InjectionGFI KerioControl firewalls have a vulnerability (CVE-2024-52875) allowing remote code execution due to improper input sanitization, posing significant security risks.
New Linux malware Pumakit manages to hide itselfA new rootkit named Pumakit targets outdated Linux systems, leveraging advanced hiding techniques for stealth and privilege escalation.
New Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and ProxyjackingLinux servers are targeted by stealthy malware perfctl, primarily for cryptocurrency mining and proxyjacking.
Modernizing patch management in an evolving IT security landscapeThe IT security landscape is increasingly complex, necessitating robust patch management to mitigate risks from third-party applications and dispersed endpoints.
A deepfake caller pretending to be a Ukrainian official almost tricked a US SenatorDeepfake technology poses significant risks to political communication, exemplified by a security incident involving Sen. Cardin and a fake Ukrainian official.
Iranian hackers sent information stolen from Trump campaign to Biden campaign, FBI saysIranian hackers attempted to interfere in the 2024 election by sending unsolicited emails to Biden's campaign with stolen information from Trump's campaign.
Easterly: Potential Chinese cyberattack could unfold like CrowdStrike errorThe faulty CrowdStrike Falcon update provided insights into potential Chinese cyber operations on sensitive U.S. networks.
NCSC updates warning over hacktivist threat to CNI | Computer WeeklyRussia-backed hacktivist groups targeting critical infrastructure with unsophisticated attacks.NCSC and CISA warning about evolving threats from hacktivist groups not officially backed by the Kremlin.
Easterly: Potential Chinese cyberattack could unfold like CrowdStrike errorThe faulty CrowdStrike Falcon update provided insights into potential Chinese cyber operations on sensitive U.S. networks.
NCSC updates warning over hacktivist threat to CNI | Computer WeeklyRussia-backed hacktivist groups targeting critical infrastructure with unsophisticated attacks.NCSC and CISA warning about evolving threats from hacktivist groups not officially backed by the Kremlin.
Hackers could spy on cellphone users by abusing 5G baseband flaws, researchers say | TechCrunchResearchers discovered security flaws in 5G basebands, enabling silent attacks like spying and phishing, even downgrading victims to older protocols for easier eavesdropping.
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing EmailsA threat actor exploited a vulnerability in Proofpoint's email routing, sending millions of spoofed emails to deceive and steal from recipients.
U.S. DoJ Indicts North Korean Hacker for Ransomware Attacks on HospitalsRansomware attacks against U.S. healthcare funded North Korea's illicit activities.
Proofpoint's CISO 2024 Report: Top Challenges Include Human Error & RiskCISOs are increasingly dealing with people-centric threats and are turning to AI to address vulnerabilities.
A Wider View on TunnelVision and VPN AdviceVPN benefits oversold; mainly useful for rerouting network connections, not encryption. TunnelVision exposes VPN limitations in protecting against local network threats.
How AI is turbocharging security issuesAI is empowering cybercriminals and making cybersecurity threats more sophisticated and widespread.
US warns of North Korean hackers using email security flaws for phishing attacksNorth Korean hacking group Kimsuky exploits email security flaws for phishing attacks on organizations.Proper configuration of email security protocols, such as DMARC, is crucial in preventing phishing attempts and spoofing.
6 Ways Remote Workers Can Stop Their Boss Spying on ThemRemote work has privacy risks due to cybersecurity threats and employer monitoring, requiring tools for staying secure online.
Stealthy malware: The threats hiding in plain sightCriminals are evolving to use more sophisticated methods like hunter-killer malware to hide from security systems, with over two-thirds of malware now employing stealth techniques.
Prompt Hacking, Private GPTs and Zero-Day Exploits: The Impacts of AI on Cyber Security LandscapeAI accessibility leads to a surge in prompt hacking attempts and misuse of private GPT models for malicious purposes.
Why Akira could be the next big thing in ransomwareAkira ransomware is a significant threat in the cybersecurity landscape.
Elastic Automates SIEM Investigations with TinesAutomated workflow enhances threat identification and response.