Ransomware attacks jump as new malware strains proliferate, research finds
Written by AJ Vicens Aug 25, 2022 |...
More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem
Two emerging ransomware gangs, known as RedAlert and Monster, have adopted cross-platform capabilities to make attacks easier to execute against multiple operating systems and environments. It's a shining example of a...
Why SBOMs alone aren’t enough for software supply chain security
It seems like just yesterday that the mad scramble following the SolarWinds compromise elevated supply chain security to the forefront of every entity, regardless of sector. The U.S. Cybersecurity...
CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit
The US Cybersecurity and Infrastructure Security Agency (CISA) is warning that a high-severity security vulnerability in Palo Alto Networks firewalls is being actively exploited in the wild.The bug (CVE-2022-0028,...
Unusual Microsoft 365 Phishing Campaign Spoofs eFax Via Compromised Dynamics Voice Account
An elaborate and rather unusual phishing campaign is spoofing eFax notifications and using a compromised Dynamics 365 Customer Voice business account to lure victims into giving up their credentials...
Efficient ‘MagicWeb’ Malware Subverts AD FS Authentication, Microsoft Warns
The attackers responsible for the SolarWinds supply-chain attack have added a new arrow to their quiver of misery: A post-compromise capability dubbed MagicWeb, which is used to maintain persistent...
White hat: I returned most of the stolen Nomad funds and all I got...
Hackers behind the $190 million Nomad Bridge are now being incentivized with white hat-themed nonfungible tokens (NFTs) if they return nearly all of the funds they stole from the...
Thoma Bravo Buying Spree Highlights Hot Investor Interest in IAM Market
Two recent financial transactions worth billions — both involving private equity firm Thoma Bravo — have highlighted the continued and strong interest among investors and other technology vendors in...
Charming Kitten APT Wields New Scraper to Steal Email Inboxes
Iranian advanced persistent threat (APT) group Charming Kitten has a new data-scraping tool in its arsenal that claws emails from victim Gmail, Yahoo, and Microsoft Outlook accounts using previously...
One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious
The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts,...
