Skip to content
Security News, Assessments & Alerts Page 161

Security News, Assessments & Alerts

Security Issues, Vulnerabilities, Exploits & Government Alerts

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks

Mar 24, 2024NewsroomArtificial Intelligence / Cyber Espionage The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as… 

German Police Seize ‘Nemesis Market’ in Major International Darknet Raid

German Police Seize ‘Nemesis Market’ in Major International Darknet Raid

Mar 24, 2024NewsroomRansomware / Threat Intelligence German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office (aka… 

Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties

Russian Hackers Use ‘WINELOADER’ Malware to Target German Political Parties

Mar 23, 2024NewsroomCyber Espionage / Cyber Warfare The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to… 

New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.

New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.

Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S.,… 

AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking

AWS Patches Critical ‘FlowFixation’ Bug in Airflow Service to Prevent Session Hijacking

Mar 22, 2024NewsroomAmazon Web Services / Vulnerability Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a… 

CISA, DC HSEMA and Regional Partners Conduct Exercise to Ensure National Capital Region Water Service Resilience

CISA, DC HSEMA and Regional Partners Conduct Exercise to Ensure National Capital Region Water Service Resilience

WASHINGTON, DC – The Cybersecurity and Infrastructure Security Agency (CISA),  DC Homeland Security Emergency Management Agency (HSEMA) the Metropolitan Washington Council of Governments (COG), hosted a water system tabletop exercise (TTX) yesterday in the National Capital Region… 

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

Mar 22, 2024NewsroomCyber Defense / Vulnerability A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part… 

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects

Mar 22, 2024NewsroomWeb Security / Vulnerability A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most… 

Implementing Zero Trust Controls for Compliance

Implementing Zero Trust Controls for Compliance

The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network…