Security News

ChromeLoader may seem on the surface like a run-of-the-mill browser hijacker that merely redirects victims to advertisement websites. ChromeLoader is a pervasive and persistent browser hijacker that eventually manifests as a browser extension, modifying victims' Chrome settings and redirecting user traffic to advertisement websites.

In 2021, ransomware attacks continued to be one of the most prominent threats targeting businesses and organizations worldwide. High-profile attacks disrupted operations of companies in various sectors.

The paper reveals companies are more concerned and exposed to cyber threats than ever before, with 61 percent describing themselves as at best only "Fairly confident" at managing their current cybersecurity threat exposure, which should raise some eyebrows around the boardroom. Respondents also feared their cyber strategy would not keep pace with the rate of tech innovation and changes in the threat landscape.

Mandiant is a companies whose business centers around digital forensics and incident response as well as cyber threat intelligence. Understanding complex challenges and developing solutions to solve them is key to CTI. The investigative mindset needs experienced understanding of cyber threat actors' TTP as well as CTI tools, frameworks and IT systems.

Egress issued its mid-year 2022 threat report offering details of emerging threats along with insights about protecting employees, customers, and businesses from these specific cyberattacks. The report provides comprehensive details about threats associated with scam cryptocurrency donations to war-torn Ukraine, email phishing attacks using LinkedIn to target jobseekers, a rise in sextortion phishing emails and zero-day exploits circulating on the dark web, targeting electronic voters as well as Facebook and Gmail users.

The internet has become the catalyst to an ever-growing global economy. At its foundation, it was designed for connectivity, but not security.

A new FLASH report from the FBI warns about cyber actors scraping credit card data from compromised online checkout pages from US businesses. According to the FBI, a US business was targeted in September 2020 by an unidentified threat actor, who inserted malicious PHP code into the checkout page of the targeted company website.

If you head to CyberThreat 22 this Autumn you can draw on the expertise of some of the world's most experienced practitioners. This year's event takes place from September 12 to 13, at the Park Plaza in Westminster, London, and is backed by two of the most influential organizations in cybersecurity - SANS Institute and the UK government's National Cyber Security Centre, which is part of GCHQ. The organisers unabashedly describe Cyberthreat as the most technical cybersecurity event in the UK, but recognise that Cyber Defence is a team sport, that everyone is on a different journey and that every discovery, analytic achievement and breakthrough is backed by a personal story.

The new malware service, dubbed the Eternity Project by the threat actors behind it, allows cybercriminals to target potential victims with a customized threat offering based on individual modules they can buy for prices ranging from $90 to $490, researchers from security firm Cyble wrote in a blog post published Thursday. The modules include a stealer, clipper, worm, miner and ransomware, depending on what type of attack a threat actors wants to mount, according to the post.

Nearly every week in 2021 and early 2022, a prominent organization has been in the media spotlight as their public relations team struggles to explain how they were attacked and how they can regain consumer confidence. Many teams center their plans around prevention of the initial attack, not response, after an adversary successfully gains a foothold.