TA551 Shifts Tactics to Install Sliver Red-Teaming Tool

A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment. The criminal threat group known as TA551 has added the Sliver…

Gigabyte Allegedly Hit by AvosLocker Ransomware

If AvosLocker stole Gigabyte’s master keys, threat actors could force hardware to download fake drivers or BIOS updates in a supply-chain attack a la SolarWinds. The AvosLocker ransomware gang is…

Why is Cybersecurity Failing Against Ransomware?

Hardly a week goes by without another major company falling victim to a ransomware attack. Nate Warfield, CTO at Prevailion, discusses the immense challenges in changing that status quo. Yes,…

Ransomware Sinks Teeth into Candy-Corn Maker Ahead of Halloween

Chicago-based Ferrara acknowledged an Oct. 9 attack that encrypted some systems and disrupted production. The manufacturer of some of Halloween’s most popular sweet treats has been hit with a ransomware…

Google Crushes YouTube Cookie-Stealing Channel Hijackers

Google has caught and brushed off a bunch of cookie-stealing YouTube channel hijackers who were running cryptocurrency scams on, or auctioning off, ripped-off channels.  Google has caught and brushed off…

VPN Exposes Data for 1M Users, Leading to Researcher Questioning

Experts warn that virtual private networks are increasingly vulnerable to leaks and attack. Free virtual private network (VPN) service Quickfox, which provides access to Chinese websites from outside the country,…

These hackers dodge Windows and target Linux as they look to steal phone data

A stealthy hacking group is infiltrating telecommunications companies around the world in a campaign which researchers have linked to intelligence gathering and cyber espionage.  The campaign, which has been active…

Geriatric Microsoft Bug Exploited by APT Using Commodity RATs

Disguised as an IT firm, the APT is hitting targets in Afghanistan & India, exploiting a 20-year-old+ Microsoft Office bug that’s as potent as it is ancient. An APT described…

Squirrel Bug Lets Attackers Execute Code in Games, Cloud Services

The out-of-bounds read vulnerability enables an attacker to escape a Squirrel VM in games with millions of monthly players – such as Counter-Strike: Global Offensive and Portal 2 – and…

Fresh APT Harvester Reaps Telco, Government Data

The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics. A previously unseen advanced persistent threat (APT) group dubbed Harvester by researchers…