GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps

An Android banking trojan known as GodFather is being used to target users of more than 400...

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit...

Ukraine’s DELTA Military System Users Under Attack from Info Stealing Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) this week disclosed that users of the Delta situational...

1 Comment

Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users

The threat actors behind the Windows banking malware known as Casbaneiro has been attributed as...

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

The Russia-linked Gamaredon group attempted to unsuccessfully break into a large petroleum refining company within...

A Guide to Efficient Patch Management with Action1

It’s no secret that keeping software up to date is one of the key best...

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service

An ongoing analysis of the KmsdBot botnet has raised the possibility that it’s a DDoS-for-hire service offered...

FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC)...

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be...

Telling users to ‘avoid clicking bad links’ still isn’t working

Why organisations should avoid ‘blame and fear’, and instead use technical measures to manage the...

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository...

Glupteba Botnet Continues to Thrive Despite Google’s Attempts to Disrupt It

The operators of the Glupteba botnet resurfaced in June 2022 as part of a renewed...

Cybercrime (and Security) Predictions for 2023

Threat actors continue to adapt to the latest technologies, practices, and even data privacy laws—and...

Announcement of Proposal to Update FIPS 197, The Advanced Encryption Standard

As a part of the periodic review of NIST’s cryptographic standards and guidelines, NIST’s Crypto...

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making...

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

Meta Platforms disclosed that it took down no less than 200 covert influence operations since...

Google Takes Gmail Security to the Next Level with Client-Side Encryption

Google on Friday announced that its client-side encryption for Gmail is in beta to its...

Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities

Samba has released software updates to remediate multiple vulnerabilities that, if successfully exploited, could allow...

How the NCSC thinks about security architecture

Richard C explains how an understanding of vulnerabilities – and their exploitation – informs how...

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities

Government entities in Ukraine have been breached as part of a new campaign that leveraged...

Ex-Twitter employee Gets 3.5 Years Jail for Spying on Behalf of Saudi Arabia

A former Twitter employee who was found guilty of spying on behalf of Saudi Arabia...

Cyber Security Is Not a Losing Game – If You Start Right Now

Reality has a way of asserting itself, irrespective of any personal or commercial choices we...

GitHub Announces Free Secret Scanning for All Public Repositories

GitHub on Thursday said it is making available its secret scanning service to all public...

Call for Comments on NIST Draft Revision 4 of SP 800-63: Digital Identity Guidelines

The rapid proliferation of online services over the past few years has heightened the need...

NIST Drafts Revised Guidelines for Digital Identification in Federal Systems

The draft publication features updates intended to help fight online crime, preserve privacy and promote...

Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm

The U.S. National Institute of Standards and Technology (NIST), an agency within the Department of...

Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet

Microsoft on Thursday flagged a cross-platform botnet that’s primarily designed to launch distributed denial-of-service (DDoS)...

CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities impacting Veeam Backup & Replication...

IOTW: Over 77,000 Uber employee details leaked in data breach

This data breach marks the second cyber attack the company has suffered this year, both...

Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities

A Chinese-speaking advanced persistent threat (APT) actor codenamed MirrorFace has been attributed to a spear-phishing campaign targeting...