You versus adversaries: How to become unbeatable in 20 cybersecurity moves

In today’s landscape, every business is inherently based on technology, increasing its susceptibility to significant and frequent threats that can hinder operations, success, and sustainability. At times, it can cause damage that is hard to bounce back from. Securing your Read More …

MrAnon Stealer Spreads via Email with Fake Hotel Booking PDF

FortiGuard Labs recently identified an email phishing campaign using deceptive booking information to entice victims into clicking on a malicious PDF file. The PDF downloads a .NET executable file created with PowerGUI and then runs a PowerShell script to fetch Read More …

Nissan probing possible cyberattack and data breach

Japanese car manufacturing giant Nissan is investigating a possible data breach, and is warning customers to be wary of potential scam emails and messages delivering malware. In a brief notification published on the Nissan Oceania websites, it was said that Read More …

Android phones can be taken over remotely – update when you can

Takeover a device remotely without the device owner needing to do anything. Updates for these vulnerabilities and more are included in Google’s Android security bulletin for December. In total, there are patches for 94 vulnerabilities, including five rated as “Critical.” Read More …

Star Blizzard increases sophistication and evasion in ongoing attacks

Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard (formerly SEABORGIUM, also known as COLDRIVER and Callisto Group). Star Blizzard has improved their detection evasion capabilities since 2022 Read More …

Millions of patient scans and health records spilling online thanks to decades-old protocol bug

Thousands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Read More …

Why Both C-Suite Executives and Technical Experts Need to Take Memory Safe Coding Seriously

Memory safety vulnerabilities are the most prevalent type of disclosed software vulnerability. They are a class of well-known and common coding errors that malicious actors routinely exploit. These vulnerabilities represent a major problem for the software industry as they cause Read More …

New macOS Trojan-Proxy piggybacking on cracked software

Illegally distributed software historically has served as a way to sneak malware onto victims’ devices. Kaspersky researchers have recently discovered several cracked applications distributed by unauthorized websites and loaded with a Trojan-Proxy. Attackers can use this type of malware to Read More …

TA422’s Dedicated Exploitation Loop – the Same Week After Week

Starting in March 2023, Proofpoint researchers have observed the Russian advanced persistent threat (APT) TA422 readily use patched vulnerabilities to target a variety of organizations in Europe and North America. TA422 overlaps with the aliases APT28, Forest Blizzard, Pawn Storm, Read More …