Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. […]
Criminal IP Teams Up with OnTheHub for Digital Education Cybersecurity
AI SPERA announced today that it has partnered with education platform OnTheHub to provide its integrated cybersecurity solution, Criminal IP, to students and educational institutions. […]
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers
Cybersecurity researchers have warned of a new large-scale campaign that exploits security flaws in AVTECH IP cameras and Huawei HG532 routers to rope the devices into a Mirai botnet variant dubbed Murdoc_Botnet.
The ongoing activity “demonstrates enhanced capabilities, exploiting vulnerabilities to compromise devices and establish expansive botnet networks,” Qualys security researcher Shilpesh
Ransomware Groups Abuse Microsoft Services for Initial Access
Sophos warns of two ransomware groups abusing Microsoft 365 services and default configurations to contact internal enterprise users.
The post Ransomware Groups Abuse Microsoft Services for Initial Access appeared first on SecurityWeek.
Cyber Insights 2025: Attack Surface Management
SecurityWeek’s Cyber Insights 2025 gathers expert opinions on what to expect in Attack Surface Management in 2025.
The post Cyber Insights 2025: Attack Surface Management appeared first on SecurityWeek.
13,000 MikroTik Routers Hijacked by Botnet for Malspam and Cyberattacks
A global network of about 13,000 hijacked MikroTik routers has been employed as a botnet to propagate malware via spam campaigns, the latest addition to a list of botnets powered by MikroTik devices.
The activity “take[s] advantage of misconfigured DNS records to pass email protection techniques,” Infoblox security researcher David Brunsdon said in a technical report published last week. “This
Students, Educators Impacted by PowerSchool Data Breach
PowerSchool says the personal information of students and educators was stolen in a December 2024 data breach.
The post Students, Educators Impacted by PowerSchool Data Breach appeared first on SecurityWeek.
Ex-CIA Analyst Pleads Guilty to Sharing Top-Secret Data with Unauthorized Parties
A former analyst working for the U.S. Central Intelligence Agency (CIA) pleaded guilty to transmitting top secret National Defense Information (NDI) to individuals who did not have the necessary authorization to receive it and attempted to cover up the activity.
Asif William Rahman, 34, of Vienna, had been an employee of the CIA since 2016 and had a Top Secret security clearance with access to
HackGATE: Setting New Standards for Visibility and Control in Penetration Testing Projects
Imagine receiving a penetration test report that leaves you with more questions than answers. Questions like, “Were all functionalities of the web app tested?” or “Were there any security issues that could have been identified during testing?” often go unresolved, raising concerns about the thoroughness of the security testing. This frustration is common among many security teams. Pentest
PNGPlug Loader Delivers ValleyRAT Malware Through Fake Software Installers
Cybersecurity researchers are calling attention to a series of cyber attacks that have targeted Chinese-speaking regions like Hong Kong, Taiwan, and Mainland China with a known malware called ValleyRAT.
The attacks leverage a multi-stage loader dubbed PNGPlug to deliver the ValleyRAT payload, Intezer said in a technical report published last week.
The infection chain commences with a phishing
