Threat actors are now leveraging the often-overlooked Component Object Model (COM) and its distributed counterpart, Distributed Component Object Model (DCOM), to harvest credentials on Windows systems. As traditional red team methods like direct access to the Local Security Authority Subsystem…
The latest in phishing scams: stealing your information through fake online forms
Online threats have become increasingly sophisticated, and phishing attacks are no exception. Among the many tactics cybercriminals deploy, developing phishing campaigns by mimicking well-known companies and duplicating their online forms has emerged as a quick, cost-effective, and deceptively simple method…
How crypto is changing the game for financial scammers
Cryptocurrency has transformed how we save, spend, and invest money. But with this wave of innovation comes a new breed of scams—slick, high-tech, and harder to spot than ever. This article has been indexed from blog.avast.com EN Read the original…
Bitdefender vs McAfee: Which Antivirus Is Right for You?
Compare Bitdefender and McAfee to find the best antivirus for your needs. Discover features and make an informed choice. This article has been indexed from Security | TechRepublic Read the original article: Bitdefender vs McAfee: Which Antivirus Is Right for…
Working with INTERPOL and the World Economic Forum to Continue Driving Cyber Resilience in Latin America
Fortinet’s Dr. Arturo Torres recently had the honor of representing Fortinet and FortiGuard Labs at the 10th Americas Working Group on Cybercrime for Heads of Unit, a joint event held in Panama City and hosted by International Criminal Police Organization…
RadiantOne platform enhancements prevent identity-based attacks
Radiant Logic announced its new Identity Observability features as part of the RadiantOne platform. As identity remains the dominant attack vector for cybercriminals, the latest enhancements to the RadiantOne platform deliver real-time visibility and context into the entire Identity and…
From Infection to Access: A 24-Hour Timeline of a Modern Stealer Campaign
Stealer malware no longer just steals passwords. In 2025, it steals live sessions—and attackers are moving faster and more efficiently than ever. While many associate account takeovers with personal services, the real threat is unfolding in the enterprise. Flare’s latest…
New PumaBot Botnet Targets Linux IoT Devices to Steal SSH Credentials and Mine Crypto
Embedded Linux-based Internet of Things (IoT) devices have become the target of a new botnet dubbed PumaBot. Written in Go, the botnet is designed to conduct brute-force attacks against SSH instances to expand in size and scale and deliver additional…
Emerging FormBook Malware Threatens Windows Users with Complete System Takeover
A critical cybersecurity threat has surfaced targeting Microsoft Windows users, as detailed in the latest analysis of the FormBook malware. Documented in Part II of a comprehensive FormBook analysis blog, this malware variant poses a severe risk by enabling attackers…
MATLAB With Over 5 Million Customers Suffers Ransomware Attack
MathWorks, the Massachusetts-based developer of the widely used MATLAB programming platform, has confirmed that a ransomware attack severely disrupted its services for over a week, affecting millions of engineers, scientists, and students worldwide. The company finally disclosed the nature of…
Robinhood Ransomware Operator Charged for Attacking Government and Private Networks
An Iranian national has admitted his role in orchestrating one of the most damaging ransomware campaigns against U.S. infrastructure, marking a significant victory in international cybercrime prosecution. Sina Gholinejad, 37, pleaded guilty Tuesday in North Carolina federal court to charges…
APT36 & Sidecopy Hackers Attacks India’s Critical Infrastructure To Deploy Malware
A sophisticated cyber campaign dubbed Operation Sindoor has emerged as one of the most significant state-sponsored attacks targeting India’s critical infrastructure in 2025. The operation, orchestrated by Pakistan-aligned threat groups APT36 and Sidecopy, launched its initial assault on April 17,…
Securing Supply Chains – Mitigating Third-Party Risks
As global supply chains become increasingly complex and digitally interconnected, the risks posed by third-party vendors have moved from background concern to boardroom priority. In 2025, companies face a new reality: supply chain resilience is inseparable from third-party risk management,…
Hackers Mimic Popular Antivirus Site to Deliver VenomRAT & Steal Finance Data
Cybercriminals have launched a sophisticated malware campaign using a fake Bitdefender antivirus website to distribute a dangerous trio of malicious programs designed to steal financial data and maintain persistent access to victims’ computers. Security researchers have identified the fraudulent site…
Russian IT pro sentenced to 14 years forced labor for sharing medical data with Ukraine
The latest in a long line of techies to face Putin’s wrath A Russian programmer will face the next 14 years in a “strict-regime” (high-security) penal colony after a regional court ruled he leaked sensitive data to Ukraine.… This article…
BalkanID IGA Lite reduces identity risk and ensures compliance
BalkanID has unveiled its self-service Identity Governance and Administration (IGA) Lite Platform, offering flexibility and transparent pricing. Consisting of three streamlined modules: User Access Reviews (UAR) Lite, IAM Risk Analyzer Lite, and Lifecycle Management Lite, BalkanID’s IGA Lite is the…
Mozilla Firefox und Thunderbird: Mehrere Schwachstellen
In Mozilla Firefox, Firefox ESR und Thunderbird wurden mehrere Sicherheitslücken gefunden. Sie entstehen durch verschiedene Programmfehler, zum Beispiel durch fehlerhafte Speicherverarbeitung oder unzureichenden Schutz vor Trickangriffen. Ein unbekannter Angreifer aus dem Internet kann diese Schwachstellen ausnutzen, um Programme auf dem…
Getränkekonzern unter Druck: Hacker erpressen Coca-Cola und leaken interne Daten
Innerhalb weniger Tage wollen zwei verschiedene Cyberakteure interne Daten von Coca-Cola erbeutet haben. Teilweise reichen diese zurück bis 2016. (Cybercrime, Datenbank) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Getränkekonzern unter Druck: Hacker erpressen Coca-Cola…
[NEU] [hoch] Mozilla Firefox und Thunderbird: Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Mozilla Firefox, Mozilla Firefox ESR und Mozilla Thunderbird ausnutzen, um beliebigen Programmcode auszuführen, einen Denial-of-Service auszulösen, Sicherheitsvorkehrungen zu umgehen oder Informationen offenzulegen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID):…
Regulatory Compliance – Navigating Cybersecurity Laws
As digital threats escalate and technology rapidly evolves, regulatory compliance has become a defining challenge for organizations worldwide. In 2025, new and updated cybersecurity laws are reshaping how businesses protect data, manage risk, and demonstrate accountability. Navigating this complex legal…
Iranian Cyber Toufan Hackers Targeting Organizations To Steal Login Credentials
The digital battleground surrounding the Israel-Gaza conflict has intensified dramatically over the past year, with politically motivated threat actors launching sophisticated campaigns against Israeli organizations and their international partners. Among the most prominent of these groups is Cyber Toufan, an…
Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities
Google and Mozilla released patches for Chrome and FireFox to address a total of 21 vulnerabilities between the two browsers, including three rated high severity. The post Chrome 137, Firefox 139 Patch High-Severity Vulnerabilities appeared first on SecurityWeek. This article…
OneDrive Gives Web Apps Full Read Access to All Files
Security researchers warn that OneDrive’s file sharing tool may grant third-party web apps access to all your files—not just the one you choose to upload. The post OneDrive Gives Web Apps Full Read Access to All Files appeared first on…
Google Chrome: Mehrere Schwachstellen ermöglichen nicht spezifizierten Angriff
In Google Chrome wurden mehrere Sicherheitslücken entdeckt. Sie entstehen durch Programmierfehler in verschiedenen Bereichen des Browsers. Diese Fehler können dazu führen, dass der Browser falsch arbeitet oder unerwartet reagiert. Was genau dadurch passieren kann, ist bisher nicht bekannt. ein entfernter…