Your blog category
In 2024, ransomware attacks targeting VMware ESXi servers reached alarming levels, with the average ransom demand skyrocketing to $5 million. With approximately 8,000 ESXi hosts exposed directly to the internet… Read More »Ransomware on ESXi: The mechanization of virtualized attacks
The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but… Read More »⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
No less than 4,000 unique web backdoors previously deployed by various threat actors have been hijacked by taking control of abandoned and expired infrastructure for as little as $20 per… Read More »Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
Cybersecurity researchers are warning of a new stealthy credit card skimmer campaign that targets WordPress e-commerce checkout pages by inserting malicious JavaScript code into a database table associated with the… Read More »WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io. Roman Vitalyevich Ostapenko and Alexander… Read More »DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering
Microsoft has revealed that it’s pursuing legal action against a “foreign-based threat–actor group” for operating a hacking-as-a-service infrastructure to intentionally get around the safety controls of its generative artificial intelligence… Read More »Microsoft Sues Hacking Group Exploiting Azure AI for Harmful Content Creation
Cybersecurity researchers have shed light on a nascent artificial intelligence (AI) assisted ransomware family called FunkSec that sprang forth in late 2024, and has claimed more than 85 victims to… Read More »AI-Driven Ransomware FunkSec Targets 85 Victims Using Double Extortion Tactics
Cybersecurity reporting is a critical yet often overlooked opportunity for service providers managing cybersecurity for their clients, and specifically for virtual Chief Information Security Officers (vCISOs). While reporting is seen… Read More »Taking the Pain Out of Cybersecurity Reporting: A Practical Guide for MSPs
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that’s disguised as an employee CRM application as part of a… Read More »CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
Mongolia, Taiwan, Myanmar, Vietnam, and Cambodia have been targeted by the China-nexus RedDelta threat actor to deliver a customized version of the PlugX backdoor between July 2023 and December 2024.… Read More »RedDelta Deploys PlugX Malware to Target Mongolia and Taiwan in Espionage Campaigns