Cloudflare announced today that it has closed all HTTP ports on api.cloudflare.com, taking a significant step toward eliminating the security risks associated with cleartext HTTP traffic. The change, effective immediately, prevents sensitive information such as API tokens from being transmitted…
Tag: Cyber Security News
Hellcat Ransomware Group Hacked Ascom Technical Ticketing System
Swiss telecommunications solutions provider Ascom has fallen victim to a cyberattack by the notorious Hellcat ransomware group, which compromised the company’s technical ticketing system on March 16, 2025. The attack represents the latest in a global hacking spree targeting Jira…
Infosys Agrees to $17.5 Million Settlement Following 2023 Data Breach
Indian technology giant Infosys Limited has agreed to pay $17.5 million to settle six class action lawsuits from a significant data breach at its U.S. subsidiary, Infosys McCamish Systems LLC (McCamish). The settlement, announced on March 14, 2025, resolves allegations…
MEDUSA Ransomware Using Malicious ABYSSWORKER Driver to Disable EDR
MEDUSA ransomware operation has been observed leveraging a sophisticated malicious driver called ABYSSWORKER to disable endpoint detection and response (EDR) systems. This dangerous capability allows the ransomware to operate undetected, significantly increasing the threat to organizations’ security infrastructure. The ABYSSWORKER…
Hackers Exploiting Checkpoint’s Driver in BYOVD Attack to Bypass Windows Security
A sophisticated attack where threat actors exploited vulnerabilities in vsdatant.sys, a kernel-level driver used by Checkpoint’s ZoneAlarm antivirus software. Originally released in 2016, this driver became the target of a Bring Your Own Vulnerable Driver (BYOVD) attack, allowing attackers to…
Chinese FishMonger APT Operated by I‑SOON Attacking Government Entities & NGOs
Recent cybersecurity investigations have uncovered a sophisticated threat actor dubbed “FishMonger” operating under the umbrella of I-SOON, a Chinese company with alleged ties to state-sponsored hacking operations. This Advanced Persistent Threat (APT) group has been systematically targeting government institutions and…
Threat Actors Leveraging Reddit Posts To Actively Spread AMOS and Lumma Stealers
A sophisticated malware campaign is currently targeting cryptocurrency enthusiasts on Reddit, offering fake “cracked” versions of the popular trading platform TradingView. The malicious actors are distributing two dangerous data stealers—AMOS for macOS users and Lumma Stealer for Windows users—through seemingly…
CISA Releases Five Industrial Control Systems Advisories Covering Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) released five Industrial Control Systems (ICS) advisories on March 20, 2025, providing critical information about security vulnerabilities affecting industrial control systems across multiple vendors. These advisories offer essential guidance on mitigations for vulnerabilities…
Caido v0.47.0 Released – Burp Suite Alternative Web Pentesting Tool Brings New Features
Caido, the innovative security testing tool positioning itself as a compelling alternative to Burp Suite, has just rolled out its latest update, version 0.47.0. This release introduces a slew of exciting features, a revamped user experience, and critical bug fixes,…
Apple Faces Federal Lawsuit Over Delayed Apple Intelligence Features
Tech giant Apple is once again in the legal spotlight as a class-action lawsuit filed in U.S. District Court in San Jose accuses the company of false advertising and unfair competition related to its highly touted Apple Intelligence features. The…
IBM AIX Vulnerability Let Attackers Execute Arbitrary Commands
Critical security vulnerabilities in IBM AIX operating systems could allow unauthorized remote attackers to execute arbitrary commands, potentially compromising the entire system. IBM has released security patches to address these high-severity flaws affecting multiple Unix-based operating system versions. Security researchers have…
Hackers Exploiting Multiple Cisco Smart Licensing Utility Vulnerability
Researchers have detected active exploitation attempts targeting two critical vulnerabilities in Cisco’s Smart Licensing Utility that were patched approximately six months ago. Threat actors leverage these flaws, which could potentially grant unauthorized access to sensitive licensing data and administrative functions.…
Rooted (Jailbroken) Mobile Devices 3.5 Times More Vulnerable to Cyber Attacks
A recent study has revealed that rooted devices are over 3.5 times more likely to be targeted by mobile malware, underscoring the risks they bring to organizations. Rooting and jailbreaking, once popular methods for customizing mobile devices, are now primarily…
How Threat Hunters Enrich Indicators With Context
While data is king, context is his queen — together, they reign over domains that thrive on research, analysis, discovery, and exploration. Nowhere is this more evident than in cyber threat intelligence, where raw data alone is powerless without context…
Microsoft Attributes Recent Outage of Outlook Web to Code Error in Recent Update
Microsoft experienced a widespread outage on March 19, 2025, affecting Outlook on the web services. The tech giant has attributed the issue to a problematic code change in a recent update, which left thousands of users unable to access their…
RansomHub Affiliate Deploying New Custom Backdoor Dubbed ‘Betruger’ For Persistence
A RansomHub affiliate has been observed recently deploying a new custom backdoor named ‘Betruger’. This sophisticated malware, discovered on March 20, 2025, by the Symantec Threat Hunter team, represents a concerning evolution in ransomware attack methodologies. The Betruger backdoor is…
New Steganographic Malware Exploits JPEG Files to Distribute Infostealers
A sophisticated malware campaign employing steganographic techniques has recently been identified, targeting users through seemingly innocent JPEG image files. The attack leverages hidden malicious code embedded within image files that, when executed, initiates a complex chain of events designed to…
Zero-Hour Phishing Attacks Exploiting Browser Vulnerabilities Increases by 130%
Recent cybersecurity data reveals an alarming 130% surge in zero-hour phishing attacks targeting previously unknown browser vulnerabilities. These sophisticated attacks leverage unpatched security flaws in popular browsers to deploy malicious payloads before security teams can implement countermeasures, leaving users and…
Paragon Spyware Exploited WhatsApp Zero-day Vulnerability to Attack High-value Targets
Researchers have uncovered extensive evidence linking Israeli firm Paragon Solutions to a sophisticated spyware operation that exploited a zero-day vulnerability in WhatsApp to target journalists and civil society members. Following the investigation, WhatsApp notified approximately 90 potential victims and confirmed…
Babuk2 Ransomware Issuing Fake Extortion Demands With Data from Old Breaches
The Babuk2 ransomware group has been caught issuing extortion demands based on false claims and recycled data from previous breaches. This revelation comes from recent investigations conducted by the Halcyon RISE Team, shedding light on a concerning trend in the…