Barings Law is planning to sue the two tech giants over numerous alleged violations of data misuse, including for AI training

A weakness in Google's OAuth "Sign in with Google" feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various...

The Halcyon RISE Team has identified a new Codefinger ransomware campaign targeting Amazon S3 buckets. This attack leverages…

A UK government consultation has proposed banning public sector and critical infrastructure organizations from making ransomware payments to disincentivize attackers from targeting these services

​The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...]

​The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...]

Graph neural networks aid in analyzing domains linked to known attack indicators, effectively uncovering new malicious domains and cybercrime campaigns. The post One Step Ahead in Cyber...

Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. [...]

Prepare for the 2025 altcoin season: experts predict rising interest in altcoins like WorldCoin, driven by Web3, blockchain,…

​Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]

CISA claims US critical infrastructure providers are improving cyber hygiene and remediation activities

Some of the state’s new child safety law can be easily circumvented. Should it have gone further?

The .uk registry Nominet has been breached by a recently disclosed zero-day vulnerability in Ivanti products

A critical security breach in the software supply chain has been detected. An attacker accessed Kong’s DockerHub account…

​Microsoft says a known issue is causing Classic Outlook and Microsoft 365 applications to crash on Windows Server 2016 or Windows Server 2019 systems. [...]

A joint government advisory has set out steps critical infrastructure firms should take to ensure any OT products they purchase are secure by design

Huione Guarantee, a gray market researchers believe is central to the online scam ecosystem, now includes a messaging app, stablecoin, and crypto exchange—while facilitating $24 billion in transactions.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a second security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the...

2024-12-30 • Fortinet • Chris Hall Open article on Malpedia

2025-01-08 • CISO Series • Rich Stroffolino Open article on Malpedia

Nozomi Networks, provider of operational technology (OT) and Internet of Things (IoT) cybersecurity, and Stratejm, a Bell Canada... The post Stratejm integrates Nozomi Vantage for enhanced cloud...

2025-01-10 • Check Point Research • Check Point Research Open article on Malpedia

2025-01-10 • Spamhaus • Spamhaus Malware Labs • apk.coper, apk.flubot, apk.hook, elf.mirai, js.fakeupdates, win.asyncrat, win.bianlian, win.brute_ratel_c4, win.cobalt_strike, win.danabot,...

Risk Mitigation Consulting (RMC), a vendor of risk management, industrial cybersecurity, and engineering services for critical missions and... The post RMC announces key promotions, new hires amid...

MorganFranklin Consulting’s cybersecurity practice announced that it has completed a private equity backed management buyout from the broader... The post MorganFranklin Cybersecurity becomes...

Barcelona's mix of affordable cost of living and quality of life has helped create a vibrant startup community — and become a hotbed for the creation of surveillance technologies. © 2024...

A draft obtained by CyberScoop would give the sitting president a short window to sign it before his exit. The post Second Biden cyber executive order directs agency action on fed security, AI,...

The malware-laced files include draft versions of diplomatic statements, correspondence letters, internal administrative notes and other documents. The post Fancy Bear spotted using real Kazak...

The Biden administration states the rule will prevent U.S. chips from passing to China through countries loosely allied or not politically allied with the U.S.

Over the past year, the threat landscape has evolved quickly, and organizations of all sizes have been racing to keep their data, networks, and applications protected.