A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. […]
US govt probes if ransomware gang stole Change Healthcare data
The U.S. Department of Health and Human Services is investigating whether protected health information was stolen in a ransomware attack that hit UnitedHealthcare Group (UHG) subsidiary Optum, which operates the Change Healthcare platform, in late February. […]
Fortinet warns of critical RCE bug in endpoint management software
Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. […]
PixPirate Android malware uses new tactic to hide on phones
The latest version of the PixPirate banking trojan for Android employs a previously unseen method to hide from the victim while remaining active on the infected device even if its dropper app has been removed. […]
Demystifying a Common Cybersecurity Myth
One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the
Pen test vendor rotation: do you need to change annually?
Organizations commonly change their pen test providers annually. Learn more from Outpost24 about the drawbacks of rotating pentest providers and the benefits of the Penetration Testing as a Service (PTaaS) model. […]
PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil.
The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.
“Thanks to this new technique, during PixPirate reconnaissance
The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today.
“Thanks to this new technique, during PixPirate reconnaissance
Bitcoin Fog mixer operator convicted for laundering $400 million
Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin Fog between 2011 and 2021. […]
LockBit ransomware affiliate gets four years in jail, to pay $860k
Russian-Canadian cybercriminal Mikhail Vasiliev has been sentenced to four years in prison by an Ontario court for his involvement in the LockBit ransomware operation. […]
Join Our Webinar on Protecting Human and Non-Human Identities in SaaS Platforms
Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector.
The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any identity in a SaaS app can create an opening for cybercriminals to
The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any identity in a SaaS app can create an opening for cybercriminals to