Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. […]
Hackers breach healthcare orgs via ScreenConnect remote access
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. […]
Microsoft extends Windows Server 2012 ESUs to October 2026
Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, allowing administrators more time to upgrade or migrate to Azure. […]
Maine govt notifies 1.3 million people of MOVEit data breach
The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state’s entire population. […]
Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022.
The findings come from Google’s Mandiant, which described the hack as a “multi-event cyber attack” leveraging a novel technique for impacting industrial control systems (ICS).
“The actor first used OT-level living-off-the-land (LotL) techniques to
The findings come from Google’s Mandiant, which described the hack as a “multi-event cyber attack” leveraging a novel technique for impacting industrial control systems (ICS).
“The actor first used OT-level living-off-the-land (LotL) techniques to
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization.
SOC teams tend to spend about a third of their day on events that don’t pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of (or augment) inefficient and cumbersome SIEMs.
With an estimated 80% of
SOC teams tend to spend about a third of their day on events that don’t pose any threat to their organization, and this has accelerated the adoption of automated solutions to take the place of (or augment) inefficient and cumbersome SIEMs.
With an estimated 80% of
Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers
Cybersecurity researchers have discovered a stealthy backdoor named Effluence that’s deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server.
“The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence,” Aon’s Stroz Friedberg Incident Response Services said in an analysis published
“The malware acts as a persistent backdoor and is not remediated by applying patches to Confluence,” Aon’s Stroz Friedberg Incident Response Services said in an analysis published
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors
A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war.
The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm (previously Curium),
The attacks have been attributed by CrowdStrike to a threat actor it tracks under the name Imperial Kitten, and which is also known as Crimson Sandstorm (previously Curium),
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran.
The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its
The campaign, ESET has discovered, leverages Hunza News (urdu.hunzanews[.]net), which, when opened on a mobile device, prompts visitors of the Urdu version to install its
Kyocera AVX says ransomware attack impacted 39,000 individuals
Kyocera AVX Components Corporation (KAVX) is sending notices of a data breach exposing personal information of 39,111 individuals following a ransomware attack. […]