AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI: The Reality vs.… Read More »From Misuse to Abuse: AI Risks and Attacks
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are… Read More »5 Techniques for Collecting Cyber Threat Intelligence
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. “The spear-phishing… Read More »Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing… Read More »CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487,… Read More »GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN. “This new addition enables the… Read More »TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns
North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financially-motivated campaign. The malware is… Read More »New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan (RAT) called DarkVision RAT. The activity, observed by… Read More »New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software… Read More »The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short
China’s National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the U.S. and its… Read More »China Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking Campaigns