Security News
Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader....
Webinar The original European Union Network and Information Security Directive certainly led to an improvement in member states' cybersecurity defences, but it struggled to do everything required as cyberattacks and threats scaled up with the growth in digitalization. The new legislation expands the NIS security requirements, the scope of covered organizations and sectors.
More than 8,000 domains and 13,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and...
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with lists of victims expected to be unveiled in the coming days. Last week, Operation Cronos hit LockBit hard by taking over their leak site and affiliate panel, disrupting part of their infrastructure, and arresting some suspected affiliates.
A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising. "The campaign is called"SubdoMailing, as the threat actors hijack abandoned subdomains and domains belonging to well-known companies to send their malicious emails.
A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising. "The campaign is called"SubdoMailing, as the threat actors hijack abandoned subdomains and domains belonging to well-known companies to send their malicious emails.
After a short hiatus, Pikabot is back, with significant updates to its capabilities and components and a new delivery campaign. Pikabot is a loader - a type of malware whose primary function is to serve as a delivery mechanism for other malware.
A data protection watchdog in the UK has issued an enforcement notice to stop Serco from using facial recognition tech and fingerprint scanning to monitor staff at 38 leisure centers it runs. During an investigation, the Information Commissioner's Office, Britain's regulator set up to enforce data protection law, found Serco Leisure and several associated community leisure trusts had unlawfully processed the biometric data of more than 2,000 employees at all 38 of the leisure facilities to check attendance and calculate pay.
A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named...
Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There's a lot of detail in the Apple blog post, and more in Douglas Stabila's security analysis.