brangberg – Page 749

Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware

The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent.
The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It’s tracking the activity under the name Erudite Mogwai.
The

The Hidden Cost of Compliance: When Regulations Weaken Security

The current state of regulation and the overwhelming burden it brings to most enterprises is a discussion worth having

The post The Hidden Cost of Compliance: When Regulations Weaken Security appeared first on SecurityWeek.

Microsoft fixes Outlook drag-and-drop broken by Windows updates

Microsoft has fixed a known issue that broke email and calendar drag-and-drop in classic Outlook after installing recent updates on Windows 24H2 systems. […]

Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw

The websites of dozens of major private and government organizations have been abused in a massive spam campaign that involves exploitation of a vulnerability affecting widely used virtual tour software. The attacks were observed recently by researcher Oleg Zaytsev who noticed that a Google search revealed what appeared to be adult content on the website […]

The post Sites of Major Orgs Abused in Spam Campaign Exploiting Virtual Tour Software Flaw appeared first on SecurityWeek.

89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals

Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce.
The “Enterprise GenAI Data Security Report 2025” by LayerX delivers unprecedented insights

New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades

Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting.
“The modifications seen in the TgToxic payloads reflect the actors’ ongoing surveillance of open source intelligence and demonstrate their commitment to enhancing the

Cisco Patches Vulnerabilities in Nexus Switches

Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw.

The post Cisco Patches Vulnerabilities in Nexus Switches appeared first on SecurityWeek.

Failure, Rinse, Repeat: Why do Both History and Security Seem Doomed to Repeat Themselves?

Security-oriented news often stays within the security community, that is until it hits home, or often millions of homes. We’ve most recently heard about breaches at National Public Data and Ticketmaster, but there are names from the past that might provoke a twitch or send a chill in those who have been following the industry […]

The post Failure, Rinse, Repeat: Why do Both History and Security Seem Doomed to Repeat Themselves? appeared first on SecurityWeek.

FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge

The FBI has attributed the Bybit hack to a North Korean group named TraderTraitor as more technical details of the attack have come to light.

The post FBI Says North Korea Hacked Bybit as Details of $1.5B Heist Emerge appeared first on SecurityWeek.

PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices

A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023.
French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and

Author: brangberg