CISA shared guidance for government agencies and enterprises on using expanded cloud logs in their Microsoft 365 tenants as part of their forensic and compliance investigations. [...]
2025-01-14 • The Record • Daryna Antoniuk
A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. [...]
ASEC Blog publishes Ransom & Dark Web Issues Week 3, January 2025. Access to a major South Korean grocery retailer is being sold on XSS. 59 global companies listed as new victims of Cl0p...
A trove of information on current and former students and teachers was accessed during the December cyberattack, sources say © 2024 TechCrunch. All rights reserved. For personal use only.
Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers' credit cards and personal information. [...]
Silver Spring, United States / Maryland, 15th January 2025, CyberNewsWire
Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers' credentials for the Google Ads platform. [...]
The proposed HIPAA Security Rule introduces mandatory measures to prevent malicious cyberattacks in health care.
Tel Aviv, Israel, 15th January 2025, CyberNewsWire
A new report from Fortinet reveals increased adoption of multi-cloud strategies and hybrid implementations combining on-premises and public cloud infrastructure
The FBI deleted Chinese PlugX malware from thousands of devices in the US, using a technique developed by French cybersecurity firm Sekoia.io
Written by: Steven Karschnia, Truman Brown, Jacob Paullus, Daniel McNamara. Executive Summary: Due to their client-side nature, single-page applications (SPAs) will typically have multiple access...
2025-01-09 • Recorded Future • Insikt Group • win.plugx
2025-01-14 • Department of Justice • Office of Public Affairs • win.plugx
2025-01-14 • RedSense • Landon Rice, Marley Smith, Yelisey Bohuslavskiy • elf.blacksuit, elf.royal_ransom, ps1.royal_ransom, win.blacksuit, win.royal_ransom
Following its ransomware attack, Change Healthcare used website code to hide the data breach notice from search engines.
In this comprehensive review of CyberGhost VPN, we cover its features, pricing, security, and overall performance. Find out if this is the right VPN for you.
Lilith >_> of Cisco Talos discovered these vulnerabilities. Forty-four vulnerabilities and sixty-three CVEs were discovered across ten .cgi and three .sh files, as well as the static login page,...
Chainalysis estimates threat actors made at least $51bn through crypto crime in 2024
Microsoft says it will drop support for Office apps in Windows 10 after the operating system reaches its end of support on October 14. [...]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with partners through the Joint Cyber Defense Collaborative... The post CISA, JCDC release AI Cybersecurity...
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that could lead to remote code execution. [...]
The security provider published mitigation measures to prevent exploitation
The U.S. Department of Justice (DoJ) on Tuesday disclosed that a court-authorized operation allowed the Federal Bureau of Investigation (FBI) to delete PlugX malware from over 4,250 infected...
Secureworks Counter Threat Unit (CTU) has identified links between North Korean IT workers and fraudulent crowdfunding activities, with the group known as Nickle Tapestry orchestrating scams to...
Microsoft is investigating a bug triggering security alerts on systems with a Trusted Platform Module (TPM) processor after enabling BitLocker. [...]
Microsoft kicked off 2025 with a new set of patches for a total of 161 security vulnerabilities across its software portfolio, including three zero-days that have been actively exploited in...
Cybersecurity researchers have disclosed multiple security flaws in SimpleHelp remote access software that could lead to information disclosure, privilege escalation, and remote code execution....
CVE-2024-44243, a critical macOS vulnerability discovered recently by Microsoft, can allow attackers to bypass Apple’s System Integrity Protection…