Mar 07, 2025Ravie LakshmananSecurity Breach / Cryptocurrency Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a “highly sophisticated, state-sponsored attack,” stating the North Korean threat actors…
Mar 07, 2025Ravie LakshmananThreat Intelligence /Vulnerability Threat actors of unknown provenance have been attributed to a malicious campaign predominantly targeting organizations in Japan since January 2025. “The attacker has exploited the vulnerability CVE-2024-4577, a remote…
Mar 06, 2025Ravie LakshmananData Security / Software Security Elastic has rolled out security updates to address a critical security flaw impacting the Kibana data visualization dashboard software for Elasticsearch that could result in arbitrary code…
Mar 06, 2025Ravie LakshmananMalware / Ransomware The financially motivated threat actor known as EncryptHub has been observed orchestrating sophisticated phishing campaigns to deploy information stealers and ransomware, while also working on a new product called…
Cyber threats are growing more sophisticated, and traditional security approaches struggle to keep up. Organizations can no longer rely on periodic assessments or static vulnerability lists to stay secure. Instead, they need a dynamic approach…
Mar 06, 2025Ravie LakshmananThreat Intelligence / Vulnerability The threat actors behind the Medusa ransomware have claimed nearly 400 victims since it first emerged in January 2023, with the financially motivated attacks witnessing a 42% increase…
Mar 06, 2025Ravie LakshmananData Breach / Website Security Over 1,000 websites powered by WordPress have been infected with a third-party JavaScript code that injects four separate backdoors. “Creating four backdoors facilitates the attackers having multiple…
The U.S. Department of Justice (DoJ) has announced charges against 12 Chinese nationals for their alleged participation in a wide-ranging scheme designed to steal data and suppress free speech and dissent globally. The individuals include…
Mar 05, 2025Ravie LakshmananNetwork Security / Data Breach The China-linked threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology…
USB drive attacks constitute a significant cybersecurity risk, taking advantage of the everyday use of USB devices to deliver malware and circumvent traditional network security measures. These attacks lead to data breaches, financial losses, and…