Hackers Breached Colonial Pipeline Using Compromised VPN Password
By: Ravie Lakshmanan
The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the...
Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities
By: Ravie Lakshmanan
New upgrades have been made to a Python-based "self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems...
Researchers Uncover Hacking Operations Targeting Government Entities in South Korea
By: Ravie Lakshmanan
A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with its southern counterpart to install an...
US Seizes Attacker Domains Used in USAID Phishing Campaign
The move follows last week's disclosure of an ongoing attack designed to mimic emails from the US Agency for International Development.The United States has seized two command-and-control (C2) and...
Nobelium Phishing Campaign Poses as USAID
Microsoft uncovered the SolarWinds crooks using mass-mail service Constant Contact and posing as a U.S.-based development organization to deliver malicious URLs to more than 150 organizations.
The cybercriminal group behind...
Google Researchers Discover A New Variant of Rowhammer Attack
By: Ravie Lakshmanan
A team of security researchers from Google has demonstrated yet another variant of the Rowhammer attack that bypasses all current defenses to tamper with data stored in...
