A closer look at Wiz’s data classification engine — including our new Novel Classifiers
The 19-year-old Assumption College student, Matthew Lane, also was charged Tuesday with hacking and demanding a ransom payment from an unnamed telecommunications company, according to...
Our intense monitoring of tens of thousands of malicious samples helped this global disruption operation
It takes just one email to compromise an entire system. A single well-crafted message can bypass filters, trick employees, and give attackers the access they need. Left undetected, these threats...
Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold. The...
US, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs.
Global law enforcement authorities and Microsoft seized or disrupted the prolific infostealer’s central command infrastructure, malicious domains and marketplaces where the malware was sold. The...
A new malware campaign disguised as Kling AI used fake Facebook ads and counterfeit websites to distribute an infostealer
Prosecutors say the hacker stole information on 60 million students, an incident that matches the data breach at PowerSchool.
Patched privilege escalation flaw in Google Cloud Platform linked to wider cloud security concerns
ASEC Blog publishes Ransom & Dark Web Issues Week 4, May 2025 Six global hospitality companies listed as new victims of the Stormous ransomware. An unidentified South Korean company listed as a...
AhnLab SEcurity intelligence Center (ASEC) has discovered malware signed with the certification of Nexaweb Inc. by investigating a file with the same characteristics as the one signed with a...
In recent breach incidents, threat actors have been observed not only accessing systems, but also directly querying internal databases and stealing sensitive information. Particularly, more threat...
Cybersecurity researchers have discovered a new campaign that employs malicious JavaScript injections to redirect site visitors on mobile devices to a Chinese adult-content Progressive Web App...
The Russian government has introduced a new law that makes installing a tracking app mandatory for all foreign nationals in the Moscow region. [...]
Newsweek and Statista R call Broadcom “most outstanding” across five critical security categories
2025-05-20 • Kaspersky • AMR • win.purelogs Open article on Malpedia
The delegated Managed Service Account (dMSA) feature was introduced in Windows Server 2025 as a secure replacement for legacy service accounts and to prevent credential attacks like Kerberoasting,...
For those of us in cybersecurity, there are a lot of unanswered questions and associated concerns about integrating AI into these various products. No small part of our worries has to do with the...
2025-05-20 • Acronis • Jozsef Gegeny, Prakas Thevendaran, Santiago Pontiroli Open article on Malpedia
A 3AM ransomware affiliate is conducting highly targeted attacks using email bombing and spoofed IT support calls to socially engineer employees into giving credentials for remote access to...
KrebsOnSecurity hit and survided a record-breaking 6.3 Tbps DDoS attack linked to the Aisuru IoT botnet, but it shows the vulnerable state of IoT devices.
The crypto giant said the unauthorized access to customer data dates back to late December 2024.
As the summer travel season approaches, travelers worldwide are busy booking their holidays, entrusting the hospitality industry with some of their most sensitive personal and financial...
Our recent blog highlighting the latest Dragos Knowledge Pack explored critical advancements in ransomware detection capabilities for the Dragos Platform,... The post Dragos Industrial Ransomware...
Google has announced a new feature in its Chrome browser that lets its built-in Password Manager automatically change a user's password when it detects the credentials to be compromised. "When...
The head of the cybercrime unit at the National Crime Agency says the investigation into cyberattacks on British retail companies is not focused on a specific group, for now.
The world we live in is packed with data. Texts, emails, social media posts, deleted files, you name…
Rail cybersecurity company Cylus and duagon, a vendor of communication, computing, and control technology for railway and embedded... The post Cylus and duagon partner to embed cybersecurity into...
Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains, part of its infrastructure backbone...