Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. […]
Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business.
Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. If convicted, he faces a maximum penalty of 25 years in prison.
BTC-e, which had
Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. If convicted, he faces a maximum penalty of 25 years in prison.
BTC-e, which had
Newest Ivanti SSRF zero-day now under mass exploitation
An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers. […]
Combined Security Practices Changing the Game for Risk Management
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause great stress in the process. The issue being that by using a reactive, rather than proactive approach, many risks
Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy.
Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between
Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between
Hands-On Review: SASE-based XDR from Cato Networks
Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group’s Pegasus spyware, according to joint findings from Access Now and the Citizen Lab.
Nine of the 35 individuals have been publicly confirmed as targeted, out of whom had their devices compromised with the mercenary
Nine of the 35 individuals have been publicly confirmed as targeted, out of whom had their devices compromised with the mercenary
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico.
The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week.
Propagated via phishing mails, Mispadu is a Delphi-based information stealer
The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week.
Propagated via phishing mails, Mispadu is a Delphi-based information stealer
Microsoft is bringing the Linux sudo command to Windows Server
Microsoft is bringing the Linux ‘sudo’ feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications. […]
Leaky Vessels flaws allow hackers to escape Docker, runc containers
Four vulnerabilities collectively called “Leaky Vessels” allow hackers to escape containers and access data on the underlying host operating system. […]