A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, […]
Apr 04, 2024NewsroomPhishing Attack / Malware An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. “The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions […]
Scrut Automation, GRC platform, has announced today that it secured $10 million in growth capital from its existing investors, including Lightspeed, MassMutual Ventures, and Endiya Partners. The funding will be utilized to enhance platform capabilities, integrate generative AI for risk and compliance teams’ efficiency, and expand into North American and European markets. With this latest […]
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company’s VMware ESXi servers and backups.
A persistent social engineering threat faced by enterprises involves attackers trying to obtain login credentials for identity and access management (IAM), cloud resources or single sign-on (SSO)-enabled systems. If successful, these entry points can allow broader access to an organization, leaving the potential for data theft and ransomware. We’ve observed a significant surge in 2024 […]
Only 3% of organizations across the globe have the ‘mature’ level of readiness needed to be resilient against modern cybersecurity risks, according to Cisco. The 2024 Cisco Cybersecurity Readiness Index highlights that readiness is down significantly from one year ago, when 15% of companies were ranked mature. Low cybersecurity risks readiness levels Companies today continue […]
Listen to the article 4 min This audio is auto-generated. Please let us know if you have feedback. Dive Brief: The state-linked intrusion on Microsoft Exchange Online that led to the theft of about 60,000 U.S. State Department emails last summer “was preventable and should never have occurred”, the Cyber Safety Review Board said Tuesday […]
PikaBot, along with other malicious loaders like QBot and DarkGate, heavily depends on spam campaigns for distribution. Its initial access strategies are intricately crafted, utilizing geographically targeted spam emails for specific countries.
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise’s physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security architectures. The convergence of […]
- 1
- 2