Victoria’s Secret is grappling with a significant cybersecurity incident that has rendered its e-commerce website inoperable, impacting online orders and internal systems, while investigations into a potential ransomware threat are underway.
A critical security flaw in Apple’s Safari web browser has led to the emergence of a sophisticated phishing technique known as the Fullscreen Browser-in-the-Middle (BitM) attack, which exploits the browser’s Fullscreen API to deceive users and steal credentials.
The rise of Ransomware-as-a-Service (RaaS) and the use of cryptocurrencies have transformed ransomware into a sophisticated criminal enterprise, significantly impacting Security Operations Centers (SOCs) and leading to high-profile attacks that cause substantial financial and reputational damage.
Over 90% of the world’s top email domains are susceptible to spoofing, enabling cybercriminals to execute sophisticated phishing attacks, with only 7.7% adopting strict DMARC policies to combat these threats.
A recent cyber-attack on ConnectWise, attributed to nation-state actors from China and Russia, exploited the CVE-2024-1709 vulnerability, leading to unauthorized access to its ScreenConnect cloud infrastructure.
Fortinet’s investigation reveals a sophisticated Remote Access Trojan that operated undetected for weeks, utilizing advanced evasion techniques and secure connections to a command-and-control server.
Two prominent UK healthcare organizations were attacked due to a vulnerability in Ivanti Endpoint Manager Mobile, raising concerns about the potential exposure of sensitive information.
A spoofed website mimicking Bitdefender’s legitimate page is distributing malware, including VenomRAT, StormKitty, and SilentTrinity, posing significant threats to users’ sensitive information.
The Czech Republic has formally accused China of orchestrating a cyber-espionage campaign targeting its Ministry of Foreign Affairs, attributed to the APT31 group, raising significant concerns over state-sponsored cyber activities and international relations.
Cybercriminals, particularly the Silent Ransom Group, are increasingly using low-tech, human-centric tactics like callback scams to exploit victims and gain access to sensitive information.
