Lyceum APT Returns, This Time Targeting Tunisian Firms
The APT, which targets Middle-Eastern energy firms & telecoms, has been relatively quiet since its exposure but not entirely silent. It’s kept up attacks through 2021 and is working...
Fresh APT Harvester Reaps Telco, Government Data
The group is likely nation-state-backed and is mounting an ongoing spy campaign using custom malware and stealthy tactics.
A previously unseen advanced persistent threat (APT) group dubbed Harvester by researchers...
Feds Warn BlackMatter Ransomware Gang is Poised to Strike
An advisory by the CISA, FBI and NSA reveals hallmark tactics of and shares defense tips against the cybercriminal group that’s picked up where its predecessor DarkSide left off.
Federal...
Baby’s Death Alleged to Be Linked to Ransomware
Access to heart monitors disabled by the attack allegedly kept staff from spotting blood & oxygen deprivation that led to the baby’s death.
A U.S. hospital paralyzed by ransomware...
Podcast: Could the Zoho Flaw Trigger SolarWinds 2.0?
Companies are worried that the highly privileged password app could let attackers deep inside an enterprise’s footprint, says Redscan’s George Glass.
A month ago, the FBI, CISA and the U.S....
TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates
The group – which also created BazarLoader and the Conti ransomware – has juiced its distribution tactics to threaten enterprises more than ever.
The cybercriminals behind the infamous TrickBot...
Twitter Suspends Accounts Used to Snare Security Researchers
The accounts were used to catfish security researchers into downloading malware in a long-running cyber-espionage campaign attributed to North Korea.
Twitter has shuttered two accounts – @lagal1990 and @shiftrows13 –...
FreakOut Botnet Turns DVRs Into Monero Cryptominers
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.
Threat group FreakOut’s Necro botnet has developed a new trick: infecting Visual Tools DVRs with a...
Apple AirTag Zero-Day Weaponizes Trackers
Apple’s personal item-tracker devices can be used to deliver malware, slurp credentials, steal tokens and more thanks to XSS.
An unpatched stored cross-site scripting (XSS) bug in Apple’s AirTag “Lost...
Podcast: 67% of Orgs Have Been Hit by Ransomware at Least Once
Fortinet’s Derek Manky discusses a recent global survey showing that two-thirds of organizations suffered at least one ransomware attack, while half were hit multiple times.
A recent report found that...
