Russian Cyber-Espionage Campaign Targets Kazakhstan’s Diplomatic Entities
A cyber-espionage campaign linked to the Russia-aligned group UAC-0063 has been using weaponized Microsoft Word documents to deploy advanced malware, including HatVibe and CherrySpy, against diplomatic targets in Kazakhstan and Central Asia.
View full story…
FunkSec Emerges as a Notorious AI-Driven Ransomware Group
FunkSec, a newly formed ransomware-as-a-service group, has quickly gained notoriety for its aggressive tactics and AI-assisted operations, claiming over 85 victims in December 2024 alone.
View full story…
Latest Cybernews
Medusind Inc Data Breach Exposes Personal Information of Over 360,000 Individuals
Medusind Inc, a Miami-based medical billing company, has reported a significant data breach affecting over 360,934 individuals, compromising their personal, financial, and medical information amid growing cybersecurity challenges in the healthcare sector.
View full story…
LDAPNightmare Exploit Targets Microsoft Vulnerabilities
A deceptive proof-of-concept exploit named LDAPNightmare has emerged, targeting critical Microsoft vulnerabilities CVE-2024-49112 and CVE-2024-49113, and is being weaponized by threat actors to distribute information-stealing malware through fraudulent repositories.
View full story…
Ransomware Attack Disrupts Slovak Republic’s Cadastral Systems
A significant ransomware attack attributed to the group “Kapor” has severely impacted the information systems of the Office of Geodesy, Cartography, and Cadastre of the Slovak Republic, leading to service disruptions and raising concerns about data security.
View full story…
CrowdStrike Uncovers Phishing Campaign Targeting Job Seekers
CrowdStrike has identified a sophisticated phishing campaign where cybercriminals impersonate recruiters to deceive job seekers, particularly developers, into downloading malware disguised as a recruitment application.
View full story…
Latest Cybernews
PowerSchool Data Breach Exposes Millions of Students’ Personal Information
PowerSchool, a leading provider of cloud-based K-12 software, suffered a significant cybersecurity breach that compromised the personal data of millions of students and teachers across North America, prompting concerns about data security in educational institutions.
View full story…
Chinese Cyber Espionage Group MirrorFace Targets Japan’s National Security
A series of sophisticated spear-phishing attacks orchestrated by the Chinese threat actor MirrorFace has targeted government bodies, think tanks, and media outlets in Japan from December 2019 to July 2023, employing advanced malware and tactics to steal sensitive information.
View full story…
Urgent Advisory Issued for Ivanti Customers Over Critical Vulnerabilities
The UK’s NCSC and the US CISA have warned Ivanti customers to address two critical vulnerabilities in Ivanti Connect Secure and related products, with evidence of active exploitation linked to cyber threat groups.
View full story…
Latest Cybernews
US Launches Cyber Trust Mark for Secure Internet-Connected Devices
The Biden administration has introduced the Cyber Trust Mark, a voluntary cybersecurity labeling program aimed at helping consumers identify secure internet-connected devices amidst rising cyber threats.
View full story…
Fraud Campaign Targets Middle Eastern Consumers Through Impersonation
A sophisticated multi-stage fraud campaign has been identified, where scammers impersonate government officials to deceive primarily female consumers into revealing their credit card details through remote access software.
View full story…
Unconventional Cyberattacks Target PayPal Accounts Through Phishing Campaigns
Sophisticated phishing campaigns are exploiting legitimate features of Microsoft 365 to compromise PayPal accounts, allowing attackers to gain unauthorized access to users’ financial information.
View full story…