The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. [...]
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers' encrypted cloud data. [...]
Kaspersky experts analyze the Angry Likho APT group's attacks, which use obfuscated AutoIt scripts and the Lumma stealer for data theft.
Microsoft has developed the first ever quantum chip, shortening the timeframe for when quantum computers will break exiting encryption
Cyble Research and Intelligence Labs (CRIL) has uncovered a stealthy campaign that uses malicious LNK files disguised as seemingly innocent wallpapers to deliver AsyncRAT—an infamous remote access...
The Cyber Security Agency of Singapore (CSA) released on Thursday an advisory on Software Bill of Materials (SBOM)... The post CSA, OWASP urge developers to address OSS dependency risks amid...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI) and... The post CISA, FBI, MS-ISAC warn of Ghost ransomware...
Check out mitigation recommendations to protect your organization against the Ghost ransomware gang. Plus, get tips on how to attract and retain top cybersecurity professionals. And get the latest...
A newly identified cybersecurity vulnerability in Medixant’s RadiAnt DICOM Viewer has raised concerns about potential security threats in the healthcare sector. The vulnerability tracked as...
A previously unknown hacking group has been spotted targeting European healthcare organizations using spyware linked to Chinese state-backed hackers and a new ransomware strain, researchers said.
Learn how to sue companies under GDPR for data misuse. Understand your rights, file complaints, and claim compensation…
2025-02-18 • Orange Cyberdefense • Alexis Bonnefoi, Marine PICHON • win.nailao_locker, win.plugx, win.shadowpad Open article on Malpedia
2025-02-19 • Natto Thoughts • Eugenio Benincasa Open article on Malpedia
2025-02-19 • CISA • CISA • win.cring Open article on Malpedia
2025-02-20 • Infrawatch • Infrawatch Research Team • win.ghostsocks, win.lumma Open article on Malpedia
2025-02-20 • Silent Push • Silent Push • win.valley_rat Open article on Malpedia
2025-02-20 • Trend Micro • Daniel Lunghi • win.evilextractor, win.plugx, win.shadowpad Open article on Malpedia
2025-02-20 • Orange Cyberdefense • Alexis Bonnefoi, Marine PICHON • win.nailao_locker Open article on Malpedia
The Chinese nation-state threat group primarily gained access to Cisco devices with legitimate login credentials, according to Cisco Talos. The post Salt Typhoon gained initial access to telecoms...
As the third anniversary of the start of the Russia-Ukraine war approaches, Trustwave SpiderLabs created a series of blog posts to look back, reflect upon, and explain how this 21st Century war is...
The agency is rebranding a tech-focused unit in a move that some critics worry may be part of a larger shift away from regulating the crypto space. The post SEC rebrands cryptocurrency unit to...
This simple guide helps you identify and remove common consumer-grade spyware apps from your Android phone. © 2024 TechCrunch. All rights reserved. For personal use only.
Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger. © 2024 TechCrunch. All rights reserved. For personal use only.
Approximately 500 NIST staffers, including at least three lab directors, are expected to lose their jobs at the standards agency as part of the ongoing DOGE purge, sources tell WIRED.
A bug in the Android and iPhone monitoring operations allows anyone to access private data exfiltrated from a victim's device. © 2024 TechCrunch. All rights reserved. For personal use only.
Freelance software developers are the target of an ongoing campaign that leverages job interview-themed lures to deliver cross-platform malware families known as BeaverTail and InvisibleFerret....
William discusses what happens when security is an afterthought rather than baked into processes and highlights the latest of Talos' security research.
Cybercriminals are sneaking the cryptominer XMRig into pirated versions of popular games, and Russians appear to be the most frequent victims, according to researchers at Kaspersky.
If you need to lock down data or reduce your digital footprint, follow our step-by-step guide.
Fake browser update scams now target Mac, Windows, and Android users, delivering malware like FrigidStealer, Lumma Stealer, and…