Latest Cybernews
Microsoft Announces Phased Rollout of Mandatory Multi-Factor Authentication for Azure Sign-Ins
Microsoft’s Secure Future Initiative introduces mandatory MFA for Azure sign-ins to enhance security and protect user data against cyberattacks.
View full story…
Large-Scale Extortion Campaign Targets Cloud Environments
Threat actors exploit leaked env files to compromise cloud environments and conduct ransom operations, targeting over 230 million unique targets and leveraging AWS resources for privilege escalation.
View full story…
US Lawmakers Call for Investigation into Chinese-Made WiFi Routers
House Select Committee raises concerns about security risks associated with TP-Link routers and calls for probe into potential national security threats posed by Chinese company.
View full story…
New macOS Malware Banshee Stealer Poses Threat to Mac Users
Security researchers have discovered a new macOS malware known as Banshee Stealer, designed to exfiltrate sensitive data from popular browsers and cryptocurrency wallets, suspected to be created by Russian actors.
View full story…
Russian National Sentenced to 40 Months in Prison for Dark Web Marketplace Fraud
Georgy Kavzharadze, also known as TeRorPP, sentenced for selling over 626,100 stolen login credentials on Slilpp, resulting in $1.2 million in fraudulent transactions.
View full story…
Massive Data Breach at National Public Data Exposes 3 Billion Records
Cybercriminal group “USDoD” steals personal information from National Public Data, putting individuals at risk for scams, cybercrime, and espionage.
View full story…
ValleyRAT Malware Campaign Targets Chinese Enterprises
FortiGuard Labs researchers have identified an ongoing ValleyRAT malware campaign targeting Chinese enterprises, particularly in e-commerce, finance, sales, and management sectors, attributed to the threat group Silver Fox.
View full story…
Russian Cybercriminals Behind Tusk Campaign Impersonate Brands to Distribute Malware
Russian-speaking cybercriminals orchestrate Tusk campaign, using phishing tactics to distribute DanaBot and StealC malware through fake brand sites.
View full story…
Global Web DDoS Attacks Surge in First Half of 2024, EMEA Organizations Primary Targets
Radware reports record-breaking six-day Web DDoS attack campaign on financial institution, with multiple waves lasting 4- to 12-hours each, totaling 100 hours of attack time and reaching an average of 4.5 million RPS with a peak of 14.7 million RPS.
View full story…
Latest Cybernews
Ransomware Actors Projected to Have Most Profitable Year in 2024
2024 sees record-breaking $1B in ransoms paid, with high-profile attacks contributing to the surge in profits for mainly Russian cybercriminals.
View full story…
Cybercrime Group Deploys EDRKillShifter Tool to Disable EDR Software on Compromised Hosts
RansomHub ransomware group utilizes EDRKillShifter tool to exploit vulnerabilities and disable endpoint detection and response software on targeted computers.
View full story…
Critical GitHub Actions Vulnerability ArtiPACKED Discovered
Researchers at Palo Alto Networks’ Unit 42 uncover ArtiPACKED vulnerability in GitHub Actions artifacts, posing a significant threat to repository security for major companies like Google, Microsoft, and Amazon Web Services.
View full story…
New Variant of Gafgyt Botnet Targets Cloud Servers for Cryptocurrency Mining
A new variant of the Gafgyt botnet is exploiting weak SSH passwords on cloud servers for cryptocurrency mining using GPU computing power.
View full story…