FIN7 Lures Unwitting Security Pros to Carry Out Ransomware Attacks

The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure ‘pen-testing’ company. The financially motivated cybercrime gang behind…

Google details cookie stealer malware campaign targeting YouTubers

Google attributed the malware campaign to a group of attackers recruited via a Russian-language hacker forum. Google has disclosed details of a new campaign involving phishing attacks launched against YouTube…

US warns that Chinese government is using 'wide variety' of methods, some illegal, to steal trade secrets

Written by AJ Vicens Oct 22, 2021 | CYBERSCOOP The Chinese government’s aggressive push to dominate emerging technology such as artificial intelligence, quantum computing, and biotechnology make Beijing the “primary…

REvil Servers Shoved Offline by Governments – But They’ll Be Back, Researchers Say

A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline. The REvil…

Cisco SD-WAN Security Bug Allows Root Code Execution

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw. Cisco SD-WAN implementations are vulnerable to a high-severity privilege-escalation vulnerability in the IOS IE operating system that could allow…

Threat Actors Abuse Discord to Push Malware

The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs–across its network of 150 million users, putting corporate workplaces at risk. Threat actors are…

What Is Extended Detection and Response (XDR)? Features, Benefits, and Beyond

Overloaded security teams, poor visibility, and threat alert overload have quite an impact when it comes to detecting and effectively responding to cyber threats. Since today’s cyberattacks are extremely tricky…

YouTube Used to Push Password-Stealing Malware

A Trojan is a type of malware that acts according to the Greek legend, as it camouflages itself as a legitimate file or program to trick unsuspecting users into installing…

Government Agents Compromise REvil Backups to Force Group Offline

Government Agents Compromise REvil Backups to Force Group Offline The US authorities appear to have scored another win in their fight against ransomware by forcing the infamous REvil group offline.…

All You Need to Know About DNS Spoofing to Keep Your Organization Safe

This post is also available in: Danish The DNS in and of itself has never been secure. Being created in the 1980s when the Internet was a complete novelty, protection…