Dragon RaaS, a ransomware group known for its blend of hacktivism and cybercrime, has emerged as a significant player in the “Five Families” crimeware syndicate. This group, which includes ThreatSec, GhostSec, Blackforums, and SiegedSec, has been making waves since its…
How Threat Hunters Enrich Indicators With Context
While data is king, context is his queen — together, they reign over domains that thrive on research, analysis, discovery, and exploration. Nowhere is this more evident than in cyber threat intelligence, where raw data alone is powerless without context…
Microsoft Attributes Recent Outage of Outlook Web to Code Error in Recent Update
Microsoft experienced a widespread outage on March 19, 2025, affecting Outlook on the web services. The tech giant has attributed the issue to a problematic code change in a recent update, which left thousands of users unable to access their…
RansomHub Affiliate Deploying New Custom Backdoor Dubbed ‘Betruger’ For Persistence
A RansomHub affiliate has been observed recently deploying a new custom backdoor named ‘Betruger’. This sophisticated malware, discovered on March 20, 2025, by the Symantec Threat Hunter team, represents a concerning evolution in ransomware attack methodologies. The Betruger backdoor is…
New Steganographic Malware Exploits JPEG Files to Distribute Infostealers
A sophisticated malware campaign employing steganographic techniques has recently been identified, targeting users through seemingly innocent JPEG image files. The attack leverages hidden malicious code embedded within image files that, when executed, initiates a complex chain of events designed to…
Too many software supply chain defense bibles? Boffins distill advice
How to avoid another SolarWinds, Log4j, and XZ Utils situation. Organizations concerned about software supply chain attacks should focus on role-based access control, system monitoring, and boundary protection, according to a new preprint paper on the topic.…
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
Veeam has released security updates to address a critical security flaw impacting its Backup & Replication software that could lead to remote code execution. The vulnerability, tracked as CVE-2025-23120, carries a CVSS score of 9.9 out of 10.0. It affects…
Rooted Devices 250 Times More Vulnerable to Compromise
Rooted devices are 250 times more vulnerable to security incidents, Zimperium warned. This article has been indexed from www.infosecurity-magazine.com.
IT Security News Hourly Summary 2025-03-20 15h : 17 posts
17 posts were published in the last hour:
13:35 : Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Surge by 130%
13:35 : Check Point Accelerates Site-to-Site VPN for Azure Virtual WAN
13:35 : U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and…
Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Surge by 130%
Menlo Security, a leader in Secure Enterprise Browsers, has released its annual State of Browser Security Report, revealing a sharp rise in browser-based cyberattacks. The report highlights a 130% surge in zero-hour phishing attacks and a significant increase in the…
Check Point Accelerates Site-to-Site VPN for Azure Virtual WAN
As organizations seek to accelerate their cloud operations, ensuring secure and fast network performance to Azure Virtual WAN has become critically important. Check Point CloudGuard Network Security has now made available enhanced site-to-site VPN that simplifies Azure Virtual WAN network…
U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities…
Real-Time Anti-Phishing: Essential Defense Against Evolving Cyber Threats
FortiGuard Labs reveals critical insights into the nature of recent phishing trends. This article has been indexed from Fortinet Threat Research Blog.
The post-quantum cryptography apocalypse will be televised in 10 years, says UK’s NCSC
Wow, a government project that could be on time for once … cos it’s gonna be wayyyy more than a decade. The UK’s National Cyber Security Centre (NCSC) today started the post-quantum cryptography (PQC) countdown clock by claiming organizations have…
Smishing Scams and How to Strengthen Cybersecurity
Smishing, a form of cyber attack derived from SMS phishing, is a growing threat to individuals: it uses text messaging to deceive them into disclosing sensitive information or engaging with malicious links. Though the…
AI-Powered Cyber Attacks and Data Privacy in The Age of Big Data
The rapid evolution of artificial intelligence (AI) has significantly changed the norms and operational processes of industries, drastically transforming sectors related to finance, healthcare…
Cisco Smart Licensing Utility Vulnerabilities Under Hacker Exploitation
Recent reports indicate that hackers are actively trying to exploit two critical vulnerabilities in the Cisco Smart Licensing Utility. These vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, were disclosed by Cisco in September. The first vulnerability involves a static credential issue,…
Massive “DollyWay” Malware Attack Compromises 20,000+ WordPress Sites Worldwide
A significant malware operation, dubbed “DollyWay,” has been uncovered by GoDaddy Security researchers, revealing a sophisticated campaign that has compromised over 20,000 WordPress sites globally. This operation, which began in 2016, leverages a distributed network of compromised WordPress sites as…
Babuk2 Ransomware Issues Fake Extortion Demands Using Data from Old Breaches
Recent investigations by the Halcyon RISE Team have uncovered a concerning trend in the ransomware landscape: the Babuk2 group is issuing extortion demands based on false claims. Despite announcing numerous attacks, there is no third-party confirmation or evidence from victims…
Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Increase by 130%
Recent cybersecurity data reveals an alarming 130% surge in zero-hour phishing attacks targeting previously unknown browser vulnerabilities. These sophisticated attacks leverage unpatched security flaws in popular browsers to deploy malicious payloads before security teams can implement countermeasures, leaving users and…
Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets
Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. Following the investigation, WhatsApp notified approximately 90 potential victims and confirmed…
Babuk2 Ransomware Issuing Fake Extortion Demands With Data from Old Breaches
The Babuk2 ransomware group has been caught issuing extortion demands based on false claims and recycled data from previous breaches. This revelation comes from recent investigations conducted by the Halcyon RISE Team, shedding light on a concerning trend in the…
Multiple Dell Secure Connect Gateway Flaws Allow System Compromise
Dell Technologies has issued a critical security advisory warning customers about multiple vulnerabilities in its Secure Connect Gateway (SCG) product that could potentially lead to system compromise. The vulnerabilities affect versions prior to 5.28.00.14 and require immediate attention from system…
North Korean IT Workers Exploiting GitHub to Attack Organizations Worldwide
A sophisticated network of suspected North Korean IT workers has been discovered leveraging GitHub to create false identities and secure remote employment opportunities in Japan and the United States. These operatives pose as Vietnamese, Japanese, and Singaporean professionals, primarily targeting…