Russian Hackers Shut Down US State Government Websites
A hacktvist group with ties to the Russian government has claimed credit for cyberattacks on the government websites of three US states: Colorado, Kentucky, and Mississippi. The sites for Mississippi...
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot
An emerging Russia-linked threat group is ramping up its malware-as-a-service operation by packaging several of its modules into a multifunctional malware offering, dubbed LilithBot, that it's peddling via Telegram.The Eternity...
US Consumers Are Finally Becoming More Security & Privacy Conscious
A survey on US consumer attitudes toward online privacy and security holds some potentially good news for enterprise organizations in an era of work-from-home and hybrid work models.The survey...
Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions
SECTOR 2022 -- Toronto — The first shots in the Russia-Ukraine cyberwar were fired virtually on Feb. 23, when destructive attacks were launched against organizations the day before Russian...
RatMilad Spyware Scurries onto Enterprise Android Phones
Attackers have been using a new spyware against enterprise Android devices, dubbed RatMilad and disguised as a helpful app to get around some countries' Internet restrictions.
For now, the campaign...
NullMixer Dropper Delivers a Multimalware Code Bomb
It's only after a user clicks a malicious link, downloads the malware, and then launches it that NullMixer is deployed. But once the dropper infects a victim's system, it...
CISA: Multiple APT Groups Infiltrate Defense Organization
Multiple advance persistent threat (APT) groups gained access to the network of a US-based defense organization in January 2021, extensively compromising the company's computers, network, and data for nearly...
Microsoft Updates Mitigation for Exchange Server Zero-Days
Microsoft today updated its mitigation measures for two recently disclosed and actively exploited zero-day vulnerabilities in its Exchange Server technology after researchers found its initial guidance could be easily bypassed.
Microsoft's...
Steam Gaming Phish Showcases Browser-in-Browser Threat
Attackers have been targeting users of the popular Steam online gaming platform by using an emerging phishing tactic that deploys authentic-looking fake browser windows to steal credentials and take...
Bumblebee Malware Loader’s Payloads Significantly Vary by Victim System
A new analysis of Bumblebee, a particularly pernicious malware loader that first surfaced this March, shows that its payload for systems that are part of an enterprise network is...
