Security News

"A notable feature of these attacks is that the attackers leveraged a wide range of legitimate software packages in order to load their malware payloads using a technique known as DLL side-loading," the Symantec Threat Hunter team, part of Broadcom Software, said in a report shared with The Hacker News. The attacks entail the use of old and outdated versions of security solutions, graphics software, and web browsers that are bound to lack mitigations for DLL side-loading, using them as a conduit to load arbitrary shellcode designed to execute additional payloads.

Barracuda released its fourth-annual threat research report which looks at ransomware attack patterns that occurred between August 2021 and July 2022. This Help Net Security video highlights how ransomware attacks continue to be a threat to businesses of all sizes.

HYCU has announced its State of Ransomware Preparedness report in partnership with ActualTech Media, which reveals that ransomware is an unavoidable risk for businesses, which is why ransomware preparedness is a top priority. The report captures detailed data intended to help technology, financial and security leaders better prepare for and remediate ransomware attacks, which occur on average every 11 seconds and have risen to more than 236.1 million in the first half of 2022.

Apple has pushed out five security fixes including two vulnerabilities in its iPhones, iPads and Mac operating systems that are already being exploited. The vendor said it fixed the flaw with improved bounds checks and has released patches for iPhone 6 and later, iPad Pro, iPad Air 2 and later, and iPad 5, iPad mini 4, and iPod touch models and all newer kit.

Hackers are launching new attacks to steal Steam credentials using a Browser-in-the-Browser phishing technique that is rising in popularity among threat actors. Today, Group-IB published a new report on the topic, illustrating how a new campaign using the 'Browser-in-the-Browser' method targets Steam users, going after accounts for professional gamers.

How can you protect your APIs from bots and bot attacks? Keep reading to learn effective ways for API bot detection and protection. Why is the risk of bot cyberattacks on APIs so high and common? 40% of organizations reported that more than half of their applications are exposed to third-party services or the internet owing to APIs.

A state-sponsored advanced persistent threat actor newly christened APT42 has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015. APT42 has exhibited a propensity to strike various industries such as non-profits, education, governments, healthcare, legal, manufacturing, media, and pharmaceuticals spanning at least 14 countries, including in Australia, Europe, the Middle East, and the U.S. Intrusions aimed at the pharmaceutical sector are also notable for the fact that they commenced at the onset of the COVID-19 pandemic in March 2020, indicating the threat actor's ability to swiftly modify its campaigns in order to meet its operational priorities.

The Vice Society gang has claimed the ransomware attack that hit Los Angeles Unified, the second largest school district in the United States, over the weekend. The Vice Society operation told BleepingComputer that they were responsible for the LAUSD ransomware attack but said they would not provide any proof of the attack until they published an entry on their data leak site.

The Lampion malware is being distributed in greater volumes lately, with threat actors abusing WeTransfer as part of their phishing campaigns. In a new campaign observed by email security firm Cofense, Lampion operators are sending phishing emails from compromised company accounts urging users to download a "Proof of Payment" document from WeTransfer.

A new attack technique called 'GIFShell' allows threat actors to abuse Microsoft Teams for novel phishing attacks and covertly executing commands to steal data using ... GIFs. The new attack scenario, shared exclusively with BleepingComputer, illustrates how attackers can string together numerous Microsoft Teams vulnerabilities and flaws to abuse legitimate Microsoft infrastructure to deliver malicious files and commands, and exfiltrate data via GIFs.