The Lumma information-stealer malware (aka ‘LummaC2’) is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. […]
Microsoft launches Defender Bounty Program with $20,000 rewards
Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000. […]
Auto parts giant AutoZone warns of MOVEit data breach
AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. […]
CISA orders federal agencies to patch Looney Tunables Linux bug
Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions. […]
Citrix warns admins to kill NetScaler user sessions to block hackers
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 ‘Citrix Bleed’ vulnerability to secure vulnerable devices against attacks. […]
DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled. […]
Criminal IP Becomes VirusTotal IP and URL Scan Contributor
The Criminal IP Threat Intelligence (CTI) search engine has integrated its IP address and URL scans into VirusTotal. Learn more from Criminal IP about how this integration can help you. […]
LLM Security Startup Lasso Emerges From Stealth Mode
Lasso Security raises $6 million in seed funding to tackle cyber threats to secure generative AI and large language model algorithms.
The post LLM Security Startup Lasso Emerges From Stealth Mode appeared first on SecurityWeek.
Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals
The ransomware strain known as Play is now being offered to other threat actors “as a service,” new evidence unearthed by Adlumin has revealed.
“The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it,” the
“The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it,” the
CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities
New CISA pilot program brings cutting-edge cybersecurity services to critical infrastructure entities that need support.
The post CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities appeared first on SecurityWeek.