Category: CySecurity News – Latest Information Security and Hacking Incidents

  Infostealer malware is becoming one of the most alarming cybersecurity threats, silently stealing sensitive data from individuals and organizations. This type of malware operates stealthily, often going undetected for long periods while extracting valuable information such as login credentials,…

Read more →

  Microsoft has revealed details of a large-scale malvertising campaign that is believed to have impacted over one million devices worldwide as part of an opportunistic attack aimed at stealing sensitive information.  The tech giant, which discovered the activity in…

Read more →

  There has been a worrying rise in the number of people losing control of their social media and email accounts this year. According to recent data from Action Fraud, the UK’s national cybercrime reporting center, over 35,000 cases were…

Read more →

  Chinese hackers involved in the Volt Typhoon attack spent over a year inside the networks of a major utility company in Littleton, Massachusetts.  In a report published last week, Dragos, an operational technology (OT) cybersecurity firm, described their work…

Read more →

  A recent report from Nozomi Networks has revealed that the vast majority of Wi-Fi networks are highly vulnerable to deauthentication attacks, a common form of denial-of-service (DoS) attack. After analyzing telemetry from hundreds of operational technology (OT) and internet…

Read more →

  Researchers have uncovered a series of highly sophisticated cyberattacks by the notorious Lazarus group, targeting web servers in South Korea. The attackers have been infiltrating IIS servers to deploy ASP-based web shells, which serve as the first-stage Command and…

Read more →

  The Overlooked Danger of Password Reuse While digital access is becoming increasingly prevalent in our everyday lives, from managing finances to enjoying online entertainment, there remains a critical security lapse: password reuse. Even though it is convenient, this practice…

Read more →

  Apple is set to make a major improvement in how people using iPhones and Android devices communicate. Soon, text messages exchanged between these two platforms will be protected with end-to-end encryption, offering better privacy and security. For years, secure…

Read more →

  In the Black Basta ransomware group, an automated brute force attack tool referred to as BRUTED has been developed to target and compromise edge networking devices such as firewalls and VPNs, as well as other edge networking devices. By…

Read more →

  Raymond Limited, a leading textile and apparel firm, acknowledged a cyberattack on its IT infrastructure on February 19. The company quickly segregated affected systems to protect essential business operations and avoid disruptions to customer-facing platforms or shop networks. Rakesh…

Read more →

  A recent cybersecurity report by S-RM has revealed a new tactic used by the Akira ransomware group, demonstrating their persistence in bypassing security defenses. When their initial attempt to deploy ransomware was blocked by an endpoint detection and response…

Read more →

  The growing use of digital systems in cars, trucks, and mobility services has made the automotive industry a new favorite target for hackers. Companies involved in making vehicles, supplying parts, and even selling them are now dealing with a…

Read more →

  Do you think continuing with the same old version of the same old software is a good idea? While it may function adequately for the time being, the clock is ticking towards disaster. Waiting to upgrade results in a…

Read more →

  Researchers have discovered at least five Android apps on Google Play that secretly function as spyware for the North Korean government. Despite passing Google Play’s security checks, these apps collect personal data from users without their knowledge. The malware,…

Read more →

  A network security risk associated with unauthorized password resets is very significant, as it can expose sensitive information and systems to cyber threats. IT administrators must take care to monitor and validate every password reset, particularly those that involve…

Read more →

  A newly discovered ransomware group known as Mora_001 is carrying out cyberattacks by exploiting security weaknesses found in Fortinet’s firewall systems. The group is using a custom ransomware strain named SuperBlack to target organizations and lock their data for…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the FBI and the Multi-State Information Sharing and Analysis Center (MS-ISAC), has issued a #StopRansomware advisory, warning organizations about the increasing threat of Medusa ransomware.  Medusa, a ransomware-as-a-service (RaaS)…

Read more →

  Microsoft Threat Intelligence identified a new strain of XCSSET, a complex modular macOS malware that targets Xcode programs. The malware was discovered in the wild during routine threat hunting, and it is the first known XCSSET variant to appear…

Read more →

  There is a growing threat to individuals from spamming, a form of cyber attack derived from SMS phishing, which uses text messaging to deceive them into disclosing sensitive information or engaging with malicious links via text messaging. Though the…

Read more →

  For years, companies protected sensitive data by securing emails, devices, and internal networks. But work habits have changed. Now, most of the data moves through web browsers.   Employees often copy, paste, upload, or transfer information online without realizing the…

Read more →