Business Email Compromise Threats Surge in Manufacturing Sector
Business Email Compromise (BEC) threats, particularly in the manufacturing sector, have increased significantly, with 36% of attacks utilizing generative AI to exploit vulnerabilities and target employees through impersonation and social engineering tactics.
View full story…
North Korean Group Executes Supply Chain Attack on npm Ecosystem
The Tenacious Pungsan group launched a sophisticated supply chain attack in October 2024, publishing malicious npm packages that mimicked legitimate software to target developers and exfiltrate sensitive data.
View full story…
Russian Threat Group UNC5812 Targets Ukrainian Military Recruits With Spoofed App
The Russian threat group UNC5812 is executing a hybrid espionage and influence operation against potential Ukrainian military recruits by distributing information-stealing malware through a spoofed version of the “Civil Defense” application.
View full story…
Zero Trust Architecture: A Key Strategy for Securing Hybrid Cloud Environments
Organizations are increasingly adopting Zero Trust Architecture to address the security challenges posed by hybrid cloud environments and protect sensitive data from emerging threats.
View full story…
Windows Downdate Attack Poses Threat to Microsoft Windows 11 Security
The Windows Downdate attack exploits vulnerabilities in the Windows kernel, allowing attackers to downgrade essential OS components and bypass security measures, potentially leading to severe security breaches.
View full story…
Viettel Cyber Security Team Wins Pwn2Own 2024 Championship
The Viettel Cyber Security team secured their second consecutive championship at Pwn2Own 2024 in Ireland, earning $205,000 by discovering nine zero-day vulnerabilities across various products, including the Sonos Era 300 speaker and HP Color LaserJet Pro printer.
View full story…
End-of-Life Software Poses Security Risks for Organizations
Many organizations continue to rely on unsupported end-of-life software, increasing their vulnerability to security threats and potential data breaches.
View full story…
Rise of Online Job Scams Targeting Remote Workers
Cybersecurity experts warn that sophisticated online job scams are exploiting financially vulnerable individuals seeking remote work by impersonating legitimate organizations and using manipulative tactics to extract money.
View full story…
Surge In Phishing Attacks Targeting Cryptocurrency Users On Webflow
Cybersecurity researchers have reported a tenfold increase in phishing activities on Webflow, primarily targeting sensitive information from cryptocurrency wallets and webmail platforms, affecting over 120 organizations in North America and Asia.
View full story…
Latest Cybernews
Ukrainian Authorities Warn of HOMESTEEL Phishing Attack by UAC-0218
Ukrainian authorities have issued a warning about a significant phishing attack by the hacking group UAC-0218, utilizing a new malware variant called HOMESTEEL to target citizens, state bodies, and military units for sensitive data exfiltration.
View full story…
AI Impersonation Poses Significant Cybersecurity Threats
As malicious actors increasingly exploit AI technologies, organizations face challenges in combating identity-based attacks and phishing scams, necessitating robust security measures and advanced identity solutions.
View full story…
Emergence of macOS NotLockBit Ransomware Targets Apple Devices
A new ransomware strain, macOS NotLockBit, has been identified as the first fully functional ransomware targeting macOS, exploiting the reputation of LockBit to mislead victims while employing sophisticated encryption and data exfiltration techniques.
View full story…
Apple Unveils Private Cloud Compute Platform to Enhance AI Privacy and Security
Apple has launched its Private Cloud Compute platform, emphasizing transparency and independent verification of its privacy claims while offering significant monetary rewards for identifying security vulnerabilities.
View full story…
Critical Security Vulnerability Discovered in Wi-Fi Test Suite
A critical security vulnerability, CVE-2024-41992, has been identified in the Wi-Fi Test Suite, allowing unauthorized code execution on devices like Arcadyan FMIMG51AX000J routers, posing significant security risks.
View full story…