It’s now hitting govt, enterprise targets On March 11 – Patch Tuesday – Microsoft rolled out its usual buffet of bug fixes. Just eight days later, miscreants had weaponized one of the vulnerabilities, using it against government and private sector…
Category: EN
Akira Ransomware Launches New Cyberattacks Using Stolen Credentials and Public Tools
The Akira ransomware group has intensified its operations, targeting over 350 organizations and claiming approximately $42 million USD in ransom proceeds by the beginning of 2024. This sophisticated cybercriminal entity has been deploying a strategy known as “double extortion,” where…
Detecting And Blocking DNS Tunneling Techniques Using Network Analytics
DNS tunneling is a covert technique that cybercriminals use to bypass traditional network security measures and exfiltrate data or establish command and control channels within an organization. By leveraging the essential and often trusted Domain Name System (DNS) protocol, attackers…
New Phishing Technique Hides Weaponized HTML Files Within SVG Images
Cybersecurity experts have observed an alarming increase in the use of SVG (Scalable Vector Graphics) files for phishing attacks. These attacks leverage the versatility of SVG format, which allows embedding of HTML and JavaScript code within what appears to be…
Gmail Users Face a New Dilemma Between AI Features and Data Privacy
Google’s Gmail is now offering two new upgrades, but here’s the catch— they don’t work well together. This means Gmail’s billions of users are being asked to pick a side: better privacy or smarter features. And this decision could…
Kimsuky Exploits BlueKeep RDP Vulnerability to Breach Systems in South Korea and Japan
Cybersecurity researchers have flagged a new malicious campaign related to the North Korean state-sponsored threat actor known as Kimsuky that exploits a now-patched vulnerability impacting Microsoft Remote Desktop Services to gain initial access. The activity has been named Larva-24005 by…
Business Continuity in a Digital World – CISO Perspectives
In today’s interconnected business environment, digital disruptions can quickly escalate from minor technical incidents to major organizational crises. The role of Chief Information Security Officers (CISOs) has become increasingly central to business continuity planning, as organizations face sophisticated cyber threats,…
Akira Ransomware Using Compromised Credentials and Public Tools in New Wave of Cyberattacks
The cybersecurity landscape faces a mounting threat as the Akira ransomware group intensifies operations, marking a significant evolution since its emergence in March 2023. This sophisticated threat actor specializes in leveraging compromised credentials to access vulnerable VPN services lacking multi-factor…
Cybersecurity Metrics That Matter for Board-Level Reporting
In today’s digital-first business environment, cyber threats are not just an IT problem they’re a core business risk. Board members are increasingly expected to oversee cybersecurity strategy, but they often lack the technical background to interpret traditional security reports. This…
Protecting Against Insider Threats – Strategies for CISOs
In the modern enterprise, cybersecurity is no longer just a technical concern it is a boardroom priority. The frequency and impact of cyber incidents have escalated, placing organizational resilience, regulatory compliance, and business reputation at risk. Board members, however, often…
New Phishing Attack Appending Weaponized HTML Files Inside SVG Files
Cybersecurity experts have identified a sophisticated new phishing technique that exploits the SVG (Scalable Vector Graphics) file format to deliver malicious HTML content to unsuspecting victims. This emerging threat, first observed at the beginning of 2025, represents a notable evolution…
This ChatGPT trick can reveal where your photo was taken – and it’s unsettling
ChatGPT can ‘read’ your photos for location clues – even without embedded GPS or EXIF data. Here’s why that could be a problem. This article has been indexed from Latest stories for ZDNET in Security Read the original article: This…
50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Greenshift WordPress Plugin
On April 14th, 2025, we received a submission for an Arbitrary File Upload vulnerability in Greenshift, a WordPress plugin with more than 50,000 active installations. This vulnerability can be used by authenticated attackers, with subscriber-level access and above, to upload…
New Rust Botnet “RustoBot” is Routed via Routers
FortiGuard Labs recently discovered a new botnet propagating through TOTOLINK devices. Learn more about this malware targeting these devices. This article has been indexed from Fortinet Threat Research Blog Read the original article: New Rust Botnet “RustoBot” is Routed…
North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature
North Korean cryptocurrency thieves abusing Zoom Remote collaboration feature to target cryptocurrency traders with malware. The post North Korean Cryptocurrency Thieves Caught Hijacking Zoom ‘Remote Control’ Feature appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the…
Securing our future: April 2025 progress report on Microsoft’s Secure Future Initiative
The Microsoft Secure Future Initiative (SFI) stands as the largest cybersecurity engineering project in history and most extensive effort of its kind at Microsoft. Now, we are sharing the second SFI progress report, which highlights progress made in our multi-year…
SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks
A new Android malware-as-a-service (MaaS) platform named SuperCard X can facilitate near-field communication (NFC) relay attacks, enabling cybercriminals to conduct fraudulent cashouts. The active campaign is targeting customers of banking institutions and card issuers in Italy with an aim to…
Ransomware Attacks on Financial Institutions: A Rising Threat with Multi-Layered Consequences
In 2024, financial institutions around the globe suffered an average loss of $6.08 million due to ransomware attacks. This marked a 10% increase compared to the previous year, signaling a disturbing trend of rising cybercrime targeting the financial sector. The…
Native Language Phishing Spreads ResolverRAT to Healthcare
Morphisec discovers a new malware threat ResolverRAT, that combines advanced methods for running code directly in computer memory,… This article has been indexed from Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto Read the original article: Native Language…
Security Awareness Metrics That Matter to the CISO
In today’s rapidly evolving threat landscape, Chief Information Security Officers (CISOs) are tasked with more than just deploying the latest security technologies; they must also foster a culture of security awareness across their organizations. While technical controls are essential, the…