Don’t let work invade your personal life. Separate your passwords with two Bitwarden accounts for better security and peace of mind. This article has been indexed from Latest stories for ZDNET in Security Read the original article: How to set…
Category: EN
6 Potential Security Concerns With the Eventual Rollout of 6G
6G could be available by the end of the decade, which should decrease latency and connectivity speeds for users. However, these wireless networks present new cybersecurity challenges. What should industry professionals prepare for? What Is 6G? 6G will be the…
‘People Are Scared’: Inside CISA as It Reels From Trump’s Purge
Employees at the Cybersecurity and Infrastructure Security Agency tell WIRED they’re struggling to protect the US while the administration dismisses their colleagues and poisons their partnerships. This article has been indexed from Security Latest Read the original article: ‘People Are…
Modat launches premier product, Modat Magnify for Cybersecurity Professionals
The Hague, the Netherlands, 13th March 2025, CyberNewsWire This article has been indexed from Hackread – Latest Cybersecurity, Tech, AI, Crypto & Hacking News Read the original article: Modat launches premier product, Modat Magnify for Cybersecurity Professionals
Medusa ransomware hit over 300 critical infrastructure organizations until February 2025
The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based…
Fake Captcha Malware Attacking Windows Users To execute PowerShell Commands
A sophisticated malware campaign is targeting Windows users through deceptive CAPTCHA verification prompts that trick victims into executing malicious PowerShell scripts. This resurgence of fake CAPTCHA attacks, identified in early February 2025, represents a growing threat as attackers continue to…
Hackers Using JSPSpy Tool To Manage Malicious Webshell Infrastructure
Cybersecurity researchers have identified a cluster of servers hosting JSPSpy, a Java-based webshell first observed in 2013, now being deployed alongside a rebranded file management tool. The webshell features a graphical interface enabling remote access and file management capabilities, making…
GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User
GitLab has released critical security patches for multiple vulnerabilities that could potentially allow attackers to authenticate as legitimate users or even execute remote code under specific circumstances. The company has urged all self-managed GitLab installations to immediately upgrade to versions…
Entertaining While Training: Lessons on C and C++ Secure Coding Practices with Tanya Janca
Click here for full interview. In this show, we speak with Tanya Janca, aka SheHacksPurple, a renowned code security trainer with nearly 30 years of experience in application development, engineering, and testing. In the past, she’s worked in counterterrorism for…
FreeType Vulnerability Actively Exploited for Arbitrary Code Execution
A significant vulnerability has been identified in the FreeType library, a widely used open-source font rendering engine. This vulnerability tracked as CVE-2025-27363, is being actively exploited and may lead to arbitrary code execution on affected systems. Overview of the Vulnerability:…
Fake CAPTCHA Malware Exploits Windows Users to Run PowerShell Commands
In early February 2025, Trustwave SpiderLabs uncovered a resurgence of a malicious campaign leveraging fake CAPTCHA verifications to deliver malware. This campaign uses deceptive CAPTCHA prompts to trick users into executing PowerShell commands, initiating a multi-stage attack chain. The end…
Why AI-powered security tools are your secret weapon against tomorrow’s attacks
In the cybersecurity arms race, you have access to the same weapons as the bad guys. Just how well-armed are you now? This article has been indexed from Latest stories for ZDNET in Security Read the original article: Why AI-powered…
New OBSCURE#BAT Exploit Windows Alters System Processes & Registry for Evasion
Cybersecurity researchers at Securonix have identified an advanced malware campaign that employs social engineering tactics and heavily obfuscated code to deploy rootkits capable of cloaking malicious activities on compromised systems. Dubbed OBSCURE#BAT, the campaign targets English-speaking users through various deception…
North Korean Hackers Deploy DocSwap Malware Disguised as Security Tool
In a recent cybersecurity threat discovery, the S2W Threat Research and Intelligence Center Talon has identified and analyzed a new type of malware linked to a North Korean-backed Advanced Persistent Threat (APT) group. The malware, masquerading as a “문서열람 인증…
Medusa Ransomware Hits 300+ Critical Infrastructure Organizations Worldwide
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint advisory on the Medusa ransomware, a ransomware-as-a-service (RaaS) variant that has been active since June…
Medusa Ransomware Hacked 300+ Organizations Worldwide from Variety of Critical Infrastructure
A highly sophisticated ransomware variant named Medusa has compromised over 300 organizations worldwide from critical infrastructure sectors. The attacks have targeted a wide array of industries including medical, education, legal, insurance, technology, and manufacturing sectors, demonstrating the threat actor’s broad…
New OBSCURE#BAT Manipulates System Processes & Registry Entries To Evade Detection
A sophisticated malware campaign, tracked as OBSCURE#BAT, has been identified using heavily obfuscated batch scripts to install stealthy rootkits, allowing attackers to maintain persistent access to compromised systems while avoiding detection. This campaign uses social engineering tactics and deceptive file…
Fortinet Addresses Multiple Vulnerabilities in FortiSandbox, FortiOS, & Other Products
Fortinet has released a comprehensive security update addressing numerous vulnerabilities across its product portfolio, with particularly significant issues identified in FortiSandbox, FortiOS, and several other enterprise security solutions. These vulnerabilities range from medium to high severity and could potentially allow…
Medusa ransomware affiliate tried triple extortion scam – up from the usual double demand
Feds warn gang still rampant and now cracked 300+ victims around the world A crook who distributes the Medusa ransomware tried to make a victim cough up three payments instead of the usual two, according to a government advisory on…
WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate. “On March 14, 2025, a root certificate used to…