Russian Hackers Reveal List of American Targets for Attack

A pro-Russian computer hacking cell announced it will be launching a series of cyber attacks on a number of United States government websites in an apparent response to escalating tensions between the country and the North Atlantic Treaty Organization (NATO). Read More …

New Android malware ‘RatMilad’ can steal your data, record audio

A new Android spyware named ‘RatMilad’ was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. The RatMilad spyware was discovered by mobile security firm Zimperium who warned that the malware could be Read More …

NSA, CISA, FBI Warn of Custom Exfiltration Tools Being Used Against Defense Industrial Base Organization

FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups Read More …

Developer account body snatchers pose risks to the software supply chain

Software supply chain attacks, once the exclusive province of sophisticated state-sponsored attackers, have been gaining popularity recently among a broader range of cyber criminals. Attackers everywhere have realized that software supply chain attacks can be very effective, and can result Read More …

CISA Releases Five Industrial Control Systems Advisories

CISA has released five (5) Industrial Control Systems (ICS) advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory Read More …

Moody’s turns up the heat on ‘riskiest’ sectors for cyberattacks

About $22 trillion of global debt rated by Moody’s Investors Service has “high,” or “very high” cyber-risk exposure, with electric, gas and water utilities, as well as hospitals, among the sectors facing the highest risk of cyberattacks. That’s more than Read More …

Microsoft Exchange server zero-day mitigation can be bypassed

Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough. Threat actors are already chaining both of these zero-day bugs in Read More …