Ransomware Groups Exploit Weak VPN Credentials in 2024
Ransomware groups have increasingly targeted organizations by exploiting weak credentials in virtual private networks (VPNs) and gateway accounts lacking multifactor authentication (MFA), leading to a significant rise in ransomware activity throughout 2024.
View full story…
Surge In Medusa Ransomware Attacks Targets US Healthcare Sector
Medusa ransomware, linked to the Spearwing group, has significantly increased its activity in the US healthcare sector, targeting over 40 victims in early 2025 and employing double extortion tactics to demand ransoms ranging from $100,000 to $15 million.
View full story…
Latest Cybernews
Website Security: Strategies to Combat Online Threats
This document outlines essential strategies for website owners to protect against common online threats such as DDoS attacks, brute force attempts, and SQL injection attacks, ensuring optimal performance and security.
View full story…
US Indicts 12 Chinese Nationals for Cyber-Espionage
The US has indicted 12 Chinese nationals, including members of a cybersecurity firm and government officials, for their involvement in a decade-long cyber-espionage campaign that targeted US critics and various foreign ministries, causing significant financial damages and escalating tensions between the US and China.
View full story…
Sophisticated Cyber-Intrusion Campaign Targets Japanese Organizations
A sophisticated cyber-intrusion campaign exploiting the CVE-2024-4577 vulnerability in PHP on Windows servers has been identified, primarily affecting various sectors in Japan and utilizing tools like Cobalt Strike for persistent access.
View full story…
ENISA Identifies Compliance Challenges for Critical Infrastructure Sectors Under NIS2 Directive
The European Union’s ENISA has highlighted significant compliance challenges faced by six critical infrastructure sectors, including IT, health, and maritime, in meeting the new cybersecurity requirements of the NIS2 directive enacted in January 2023.
View full story…
Decline in Job Satisfaction Among Women in Cybersecurity
Job satisfaction among women in the cybersecurity sector has significantly decreased from 82% in 2022 to 67% in 2024, largely due to economic pressures, increased workloads, and organizational changes such as layoffs and budget cuts.
View full story…
Chaty Pro Plugin Vulnerability Exposes 18,000 WordPress Sites
A critical security flaw in the Chaty Pro plugin allows attackers to exploit arbitrary file uploads, potentially taking control of affected WordPress sites.
View full story…
ACRStealer Malware: A New Threat in Data Theft
ACRStealer, a sophisticated infostealer malware, has gained notoriety for its ability to covertly extract sensitive information by leveraging legitimate platforms like Google Docs and Steam since its emergence in mid-2024.
View full story…
Latest Cybernews
Website Security Services Essential for Protecting Against Online Threats
A security service is crucial for defending websites from various online attacks, ensuring their integrity and availability in an evolving cyber threat landscape.
View full story…
Google Introduces AI-Powered Scam Detection in Android 15
Google has launched an AI-driven scam detection feature in Android 15 to enhance user protection against cyber scams in the Google Messages app and during phone calls.
View full story…
Apple Challenges UK Government’s Encryption Backdoor Directive
Apple is contesting a UK government order requiring the creation of a backdoor in its iCloud encryption services, arguing that compliance would compromise user privacy and security.
View full story…
Nonprofits Face Surge in Cyber Threats Amid Rising Email Attacks
Nonprofit organizations are increasingly targeted by cybercriminals, with a 35.2% rise in email-based threats that exploit sensitive data and financial transactions.
View full story…