CrowdStrike and Partners Launch Unified Threat Actor Naming Initiative

In a bold and long-overdue move, Microsoft and CrowdStrike, two of the cybersecurity industry’s most influential players, have joined forces to revolutionize how cyber threat actors are named and tracked. Partnering with Google’s Mandiant and Palo Alto Networks’ Unit 42, this initiative aims to establish a standardized naming convention for known threat actors—a sort of … Continued

Critical Linux Flaws Expose Password Hashes: What You Need to Know 

Cybersecurity researchers have identified two significant vulnerabilities in widely used Linux distributions, specifically impacting Ubuntu, Red Hat Enterprise Linux (RHEL), and Fedora. A local attacker could use these flaws to steal sensitive information, including user password hashes, which are crucial for system security. To understand these vulnerabilities, one should first understand “Core Dumps”. A core … Continued

U.S. DOJ Disrupts Malware Obfuscation Networks

DOJ Takedown Marks Major Win Against Malware Crypting Services
In a multinational law enforcement operation, the U.S. Department of Justice has seized four domains that provided services to cybercriminals, enabling them to evade antivirus detection. Cybercriminals frequently use “malware crypting services” and “counter-antivirus (CAV) tools” to render their malware undetectable by conventional security systems. … Continued

U.S. Sanctions Funnull for $200M Romance Scam Linked to Crypto Fraud

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned Funnull Technology Inc., a Philippines-based company, along with its administrator Liu Lizhi, for facilitating extensive romance baiting scams that resulted in substantial cryptocurrency losses. Operating out of Taguig, Philippines, Funnull allegedly provided technical support to thousands of fraudulent websites offering fake … Continued

CISA Warns of Actively Exploited Vulnerability in SonicWall SMA Devices

Category: Vulnerabilities | Network Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added a critical security vulnerability affecting SonicWall Secure Mobile Access (SMA) 100 Series devices to its Known Exploited Vulnerabilities (KEV) catalog, following confirmed reports of real-world exploitation. This high-severity flaw, tracked as CVE-2021-20035 with a CVSS score of 7.2, is an … Continued

The Sandbox Unleashed: Top 10 RSAC Finalists Where AI Fuels Security Innovation

RSA Conference has announced the Top 10 Finalists for its 20th annual RSAC™ Innovation Sandbox contest. From securing LLMs to embedding AI agents into everyday security workflows, these companies are redefining what’s possible. Each finalist will receive a $5 million investment to advance their cybersecurity innovations. These finalists will present their solutions on April … Continued

Dragon RaaS: All Bark No Bite

Dragon RaaS is a Russian ransomware group that actively participates in hacktivism and cybercrime. It gained significant attention in July of last year when it became part of a larger cybercrime syndicate known as “The Five Families,” which includes ThreatSec, GhostSec, Blackforums, and SiegedSec. The group officially launched its operations in October 2024, announcing its … Continued

Paragon Solutions: A New Spyware Under Scrutiny

After the infamous NSO Group fiasco, another Israeli spyware provider has come under public scrutiny for supplying spyware to major Western governments. Researchers have now mapped out the global infrastructure of this new spyware in a report published on Wednesday.
Background
Founded in Israel in 2019 by former Prime Minister Ehud Barak and ex-Unit … Continued

Arcane Malware Targets Gamers

A sophisticated new malware strain called “Arcane” is targeting gamers through YouTube videos and stealing a wide range of sensitive data from VPN and gaming clients, and network utilities like ngrok, Playit, Cyberduck, FileZilla and DynDNS.
How Arcane Stealer Works
[Figure: Arcane Stealer Distribution (Source: Securelist)]
The initial attack begins with YouTube videos … Continued

Russian Threat Actors Target Ukrainian Defense with DCRAT Malware

Ukrainian cybersecurity officials have identified a new malware campaign specifically targeting the country’s defense infrastructure, according to an alert from the Computer Emergency Response Team of Ukraine (CERT-UA). This development comes amid controversy about Signal’s cooperation with Ukrainian authorities. According to The Record, Signal allegedly stopped responding to requests from Ukrainian law enforcement regarding Russian … Continued
