Ukrainian Member of Notorious FIN7 Cybercrime Group Sentenced
A Ukrainian man called a "pen tester" by his cohorts in the FIN7 cybercrime gang was sentenced to five years in prison for his role hacking for the operation.
Denys Iarmak,...
BlackCat Purveyor Shows Ransomware Operators Have Nine Lives
A ransomware group boasting its members come from now-shuttered groups BlackMatter and REvil has emerged from the shadows to launch a new ransomware-as-a-service, already attacking an enterprise resource planning...
Mandiant to Use CrowdStrike Technology in Its Incident Response Services
Mandiant will use CrowdStrike's Falcon endpoint detection and response (EDR) technology in delivering incident response services and consulting engagements to customers under an agreement announced Thursday between the two...
Nearly 40% of Macs Left Exposed to 2 Zero-Day Exploits
Between 35% and 40% of all supported Macs might be at heightened risk of compromise from two zero-day vulnerabilities that Apple has said are being exploited in the wild,...
Microsoft Details New Security Features for Windows 11
Microsoft on Tuesday announced multiple security enhancements for Windows 11 devices that it said are designed to help organizations protect users and data in hybrid environments.
Among the updates is...
FIN7 Morphs into a Broader, More Dangerous Cybercrime Group
New research shows the notorious cybercrime group FIN7 to be behind numerous clusters of previously unattributed threat activity spanning several years and targeting organizations in multiple regions and industries.
The...
How IP Data Can Help Security Professionals Protect Their Networks
As we watch the tragedy unfold in Ukraine, security professionals are all too aware that Russia has built a massive cyber warfare arsenal and has been willing to use...
Millions of Installations Potentially Vulnerable to Spring Framework Flaw
Security firms produced two data points on Monday to estimate the number of Spring Framework installations that are vulnerable to the most recent flaw — CVE-2022-22965, also known as...
Apple’s Zero-Day Woes Continue
Apple's expanding footprint in enterprise organizations appears to have made its technologies a growing focus area for security researchers.
The company this week rushed out emergency patches for two zero-day...
Global BEC Crackdown Nets 65 Suspects
The FBI teamed up with international law enforcement agencies from around the globe to apprehend 65 alleged business email compromise (BEC) scammers behind crimes that cost some 500 US victims...
