Articles tagged: windows
28 articles found
GlassWorm Campaign Evolves with Zig Dropper
The GlassWorm campaign has introduced a new Zig dropper to infect developer IDEs, while Russian submarine activity near undersea cables and a Windows zero-day vulnerability pose significant threats. Learn about these emerging threats and how to protect against them.
Supply Chain Under Siege
Recent supply chain attacks have compromised CPUID's API, exposed Eurail customer data, and stolen millions from Bitcoin Depot. Learn about these high-severity breaches and how to protect yourself.
Medusa Ransomware Zero-Day Attacks
Medusa ransomware affiliate linked to zero-day attacks, posing a significant risk to organizations. Microsoft has identified Storm-1175 as the actor behind Medusa payloads, highlighting the need for timely vulnerability remediation and robust security measures.
Qilin and Warlock Ransomware Threats Escalate
Qilin and Warlock ransomware operations are using vulnerable drivers to disable over 300 EDR tools, posing a significant threat to cybersecurity. Learn about the emerging threats and techniques used by these ransomware groups.
Ransomware Attacks Escalate with Qilin and REF1695 Operations
Active ransomware and cyberattacks are on the rise, with Qilin and REF1695 operations targeting organizations worldwide. Critical infrastructure is at risk, including emergency communications systems. Learn about the key threats and how to protect yourself.
Critical Infrastructure Under Siege
Vulnerabilities in critical infrastructure pose significant risks, with ShareFile flaws and Hitachi Energy's Ellipse product under attack. Emerging threats like CrystalRAT malware and Casbaneiro bank trojan also threaten security. Learn about the key threats and how to protect yourself.
Zero-Day Exploits Hit TrueConf Servers and Banking Systems
Hackers exploit zero-day vulnerability in TrueConf conference servers to push malicious updates, while a phishing campaign targets Latin America and Europe with Windows banking trojans like Casbaneiro. These attacks highlight the ongoing threat of zero-day exploits and social engineering.
New Malware Threats Emerge
A surge in new malware threats has been detected, including CrystalRAT, AGEWHEEZE, and AtlasCross RAT. These threats pose a significant risk to individuals and organizations, with capabilities such as remote access, data theft, and keylogging.
Supply Chain Attacks Hit Axios, Mercor, and Nissan
Recent supply chain attacks have targeted major companies like Axios, Mercor, and Nissan, resulting in data breaches and compromised systems. Learn about the key facts and takeaways from these incidents.
Emerging Threats Hit Asia
A previously undocumented remote access trojan named AtlasCross RAT is being used in an active campaign targeting Chinese-speaking users. Russian-origin CTRL toolkit and China-linked clusters are also on the rise, targeting Southeast Asian government organizations with various malware families.
DeepLoad Malware Spreads with ClickFix
A new malware loader called DeepLoad has been discovered, using the ClickFix social engineering tactic to distribute itself and steal browser credentials. This high-severity threat utilizes AI-assisted obfuscation and WMI persistence, making it a significant concern for security professionals.
Telnyx Targeted in TeamPCP Supply Chain Attack
Telnyx faces a high-severity supply chain attack as malicious SDK versions are uploaded to PyPI, affecting Windows, macOS, and Linux. This incident highlights the importance of securing software supply chains.
Bearlyfy's Custom Ransomware Hits Russian Firms
The Bearlyfy group has launched targeted ransomware attacks on over 70 Russian companies using custom GenieLocker ransomware, demonstrating increased sophistication in ransomware campaigns. These attacks aim to inflict maximum damage on Russian businesses, highlighting the need for enhanced cybersecurity measures.
Russian Cybercriminal Sentenced to Prison for Ransomware Attacks
A Russian national has been sentenced to two years in prison for managing a botnet used in ransomware attacks against US companies. This sentencing highlights ongoing efforts to combat cybercrime and ransomware attacks. Learn more about the threat and how to protect yourself.
Critical Patches Released for iOS and Windows
Apple and Microsoft have released critical security patches to prevent exploitation of known vulnerabilities. Users are advised to update their software immediately to protect against potential attacks.
Phishing Attacks Surge
Russian state-sponsored hackers are targeting government officials and journalists with Signal and WhatsApp phishing campaigns, while threat actors abuse .arpa DNS and IPv6 to evade defenses. Financial and healthcare organizations are also being targeted with Microsoft Teams phishing and A0Backdoor malware.
ClickFix Ransomware and Russian Cyber Campaigns
ClickFix attack and Termite ransomware pose high severity threats, while Russian cyber campaigns target Signal and WhatsApp. Emerging threats include abuse of internet infrastructure and custom malware. Stay informed to protect against these evolving cyber threats.
Phishing Attacks Surge with New Tactics
Phishing attacks are on the rise with new tactics, including abusing .arpa DNS and IPv6 reverse DNS. Data breaches and cybersecurity strategy updates are also in focus. Learn about the latest threats and how to protect yourself.
Nation-State Actors Unleash New Malware Campaigns
Nation-state actors are launching sophisticated malware campaigns, including the ClickFix social engineering campaign and attacks on Iraqi officials. These threats highlight the evolving landscape of cyberattacks and the need for heightened security measures.
State-Sponsored Threats and Vulnerabilities Plague Cybersecurity
State-sponsored threat actors and vulnerabilities pose significant risks to cybersecurity. Chinese state hackers target telcos, while vulnerabilities in Avira antivirus and WordPress plugins are exploited. Learn about the key threats and how to protect yourself.
Critical Infrastructure Under Siege
Targeted attacks on critical infrastructure are on the rise, with a China-linked APT group targeting telecommunication service providers and a Russian ransomware operator pleading guilty in the US. These attacks highlight the need for robust security measures and international cooperation.
Zero-Day Vulnerabilities and AI-Powered Threats
Critical zero-day vulnerabilities in FreeScout and VMware Aria Operations, along with AI-powered malware and info-stealing threats, pose significant risks to organizations. Immediate action is required to patch and mitigate these threats.
Ransomware Takedowns and Critical Infrastructure Threats Escalate
Law enforcement actions against ransomware operations and stolen credential marketplaces show progress, but targeted attacks on critical infrastructure and emerging threats pose significant risks. Organizations must stay vigilant and adapt their security strategies to combat these evolving threats.
Critical Threats: AWS Drone Strikes, Ransomware, and Zero-Days
AWS data centers face drone strikes, major ransomware attacks hit healthcare and gaming, and zero-day vulnerabilities are exploited in the wild. Stay ahead of these critical threats with our latest analysis.
Ransomware and Cyber Espionage Threats Escalate
Ransomware and cyber espionage campaigns are on the rise, targeting critical infrastructure and sensitive information. Recent attacks include a Chinese cyber espionage campaign that breached 53 organizations across 42 countries, and the Lazarus Group's use of Medusa ransomware in attacks on the Middle East and US healthcare sectors.
Critical Vulnerabilities Exposed in Trend Micro, Juniper, and Zyxel Products
Newly disclosed vulnerabilities in Trend Micro, Juniper Networks, and Zyxel products pose significant risks to users. ICS and energy sector vulnerabilities are also highlighted, emphasizing the need for urgent patches and security measures.
Nation-State Cyberattacks Surge
MuddyWater, APT28, and Lazarus Group launch targeted attacks on organizations worldwide. Learn about the latest nation-state sponsored cyber threats and how to protect your organization.
Zero-Day Vulnerability Under Active Exploitation
A critical zero-day vulnerability is being actively exploited, while significant data breaches and new malware campaigns pose high risks to users. Immediate action is necessary to prevent further exploitation.