Security News

Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks
2024-11-13 07:14

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the...

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
2024-11-12 14:01

Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per...

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks
2024-11-12 06:00

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir...

New Ymir ransomware partners with RustyStealer in attacks
2024-11-11 22:46

A new ransomware family called 'Ymir' has been spotted in the wild, being introduced onto systems that were previously compromised by the RustyStealer info-stealer malware. [...]

Halliburton reports $35 million loss after ransomware attack
2024-11-11 15:21

Halliburton has revealed that an August ransomware attack has led to $35 million in losses after the breach caused the company to shut down IT systems and disconnect customers. [...]

Critical Veeam RCE bug now used in Frag ransomware attacks
2024-11-08 20:23

After being used in Akira and Fog ransomware attacks, a critical Veeam Backup & Replication (VBR) security flaw was also recently exploited to deploy Frag ransomware. [...]

CISA warns of critical Palo Alto Networks bug exploited in attacks
2024-11-07 19:03

Today, CISA warned that attackers are exploiting a critical missing authentication vulnerability in Palo Alto Networks Expedition, a migration tool that can help convert firewall configuration...

AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds
2024-11-06 22:18

AI-enhanced malicious attacks are a top concern for 80% of executives, and for good reason, as there is a lot of evidence that bad actors are exploiting the technology.

Hackers increasingly use Winos4.0 post-exploitation kit in attacks
2024-11-06 21:25

Hackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. [...]

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware
2024-11-06 17:52

An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus...